Cisco Cisco Email Security Appliance C190
2
Release Notes for Hot Patch 6 for Cisco IronPort AsyncOS 7.1.5 for Email Security
Resolved Issues
Resolved Issues
Additional Information
For additional information about Cisco IronPort AsyncOS 7.1.5 for Email Security, see the Release
Notes at
Notes at
.
Table 1
Resolved Issues in Hot Patch 6 for Cisco IronPort AsyncOS 7.1.5 for Email Security
Defect ID
Description
IronPort Spam Quarantine (ISQ) Denial of Service Vulnerability
A vulnerability in the Cisco IronPort Email Security appliance that could have
allowed an unauthenticated, remote attacker to cause multiple critical processes to
become unresponsive, resulting in a denial of service condition.
allowed an unauthenticated, remote attacker to cause multiple critical processes to
become unresponsive, resulting in a denial of service condition.
For more information on the vulnerability, see the Cisco security advisory at
.
Web Framework Authenticated Command Injection Vulnerability
A vulnerability in the Cisco IronPort Email Security appliance that could have
allowed an authenticated, remote attacker to execute arbitrary commands on the
underlying operating system with elevated privileges.
allowed an authenticated, remote attacker to execute arbitrary commands on the
underlying operating system with elevated privileges.
For more information on the vulnerability, see the Cisco security advisory at
.
Management Graphical User Interface Denial of Service Vulnerability
A vulnerability in the Cisco IronPort Email Security appliance that could have
allowed an unauthenticated, remote attacker to cause multiple critical processes to
become unresponsive, resulting in a denial of service condition.
allowed an unauthenticated, remote attacker to cause multiple critical processes to
become unresponsive, resulting in a denial of service condition.
For more information on the vulnerability, see the Cisco security advisory at
.