Cisco Cisco Email Security Appliance C160
2
Release Notes for Hot Patch 4 for Cisco IronPort AsyncOS 7.5.2 for Email Security
What’s New
What’s New
New License Agreement and Supplemental License Agreement. The IronPort End User License
Agreement has been replaced and a Supplemental License Agreement has been added. Because the
license agreement has changed, you may be required to accept the new agreement when you apply new
feature keys after upgrading.
Agreement has been replaced and a Supplemental License Agreement has been added. Because the
license agreement has changed, you may be required to accept the new agreement when you apply new
feature keys after upgrading.
A copy of the new license agreement is included in the Online Help. To view it, choose Help and
Support > Online Help, scroll down to the end of the the Contents list, and click the link for the license
agreement.
Support > Online Help, scroll down to the end of the the Contents list, and click the link for the license
agreement.
Resolved Issues
The following issue is resolved in this release:
Additional Information
For additional information about Cisco IronPort AsyncOS 7.5.2 for Email Security, see the Release
Notes at
Notes at
.
Defect ID
Description
Web Framework Authenticated Command Injection Vulnerability
A vulnerability in the Cisco IronPort Email Security appliance that could have allowed
an authenticated, remote attacker to execute arbitrary commands on the underlying
operating system with elevated privileges.
an authenticated, remote attacker to execute arbitrary commands on the underlying
operating system with elevated privileges.
For more information on the vulnerability, see the Cisco security advisory at
.