Cisco Email Security Appliance is vulnerable to a denial of service, caused by insufficient error handling in DNS name resolution. By sending specially crafted email messages, a remote attacker could exploit this vulnerability to prevent users from logging in to the affected device.
Cisco Prime Infrastructure and Evolved Programmable Network Manager are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to execute a script in a victim’s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
Cisco Redundancy Configuration Manager for Cisco StarOS Software is vulnerable to a denial of service, caused by improper input validation of an ingress TCP packet. By sending specially crafted packets, a remote attacker could exploit this vulnerability to restart the process.
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.
Cisco Email Security Appliance
Cisco Prime Infrastructure and Evolved Programmable Network Manager
Cisco Redundancy Configuration Manager