Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0624


Vulnerability Score 4.3 4.3
CVE Id CVE-2015-0624
Last Modified 02 Mar 2015 09:59:54
Published 21 Feb 2015 06:59:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639.

Vulnerable Systems


CISCO - 20150220 Cisco AsyncOS Software HTTP Redirect Vulnerability

SECTRACK - 1031782

SECTRACK - 1031781

BID - 72702


Last Updated: 27 May 2016 11:07:57