Cisco Cisco Content Security Management Appliance M390 Notas de publicación
2
Release Notes for Hot Patch 2 for Cisco IronPort AsyncOS 7.7.0 for Security Management
Resolved Issues
Resolved Issues
New and Changed Information
This release is governed under a new End User License Agreement and supplement. The text of this
agreement is available in the User Guide for your release, available from
agreement is available in the User Guide for your release, available from
.
Additional Information
For additional information about Cisco IronPort AsyncOS 7.7.0 for Security Management, see the
Release Notes at
Release Notes at
Service and Support
Use the following methods to obtain support:
U.S.: Call 1 (408) 526-7209 or toll-free 1 (800) 553-2447
International:
Support Site:
You can also access customer support from the appliance. For instructions, see the User Guide or online
help.
help.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of
Cisco trademarks, go to this URL:
Cisco trademarks, go to this URL:
. Third-party trademarks mentioned are the property of their respective owners.
The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2013 Cisco Systems, Inc. All rights reserved.
Defect ID
Description
CSCzv24579
Fixed: Web Framework Authenticated Command Injection Vulnerability
A vulnerability in the appliance could have allowed an authenticated, remote
attacker to execute arbitrary commands on the underlying operating system with
elevated privileges.
attacker to execute arbitrary commands on the underlying operating system with
elevated privileges.
For more information, see the Cisco security advisory at