Cisco Bug: CSCus83427 - Certificate Generation Through Web GUI Leaks Password
Feb 06, 2017
- Cisco Web Security Appliance
Known Affected Releases
Symptom: A vulnerability in certificate generating process in the web interface of the Cisco Web Security Appliance could allow an authenticated, local attacker to access sensitive information. The vulnerability is due to unspecified conditions in the affected software that could allow the attacker to log all processes and obtain the password used to encrypt the private keys. Conditions: Device configured with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases