Severity
Medium
Analysis Summary
The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could exploit this vulnerability by sending a malicious HTTPS CONNECT message to the Central Manager. A successful exploit could allow the attacker to access public internet resources that would normally be blocked by corporate policies.
Impact
Security Bypass
Affected Vendors
Cisco
Affected Products
Remediation
Please see vendor’s advisory for more details as the bug report CSCvo13639 indicates a fixed status.