Cisco Bug: CSCuj31343 - Restricted IPs able to lock valid accounts through CLI
Nov 12, 2016
- Cisco Email Security Appliance
Known Affected Releases
Symptom: Non-"Admin" account becomes locked. Conditions: Only occurs in appliance CLI. User accounts set to lock when a set number of failed login attempts is reached. A restricted IP is capable of attempting to authenticate a valid account which will always result in failure, after login failures reach the set number to lock an account the user account in question will be locked.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases