Cisco Bug: CSCvu18825 - Cisco Content Security Appliance Syslog Information Disclosure Vulnerability
Jul 06, 2020
- Cisco Content Security Management Appliance
Known Affected Releases
Symptom: A vulnerability in the log management subsystem of AsyncOS for Cisco Content Security Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive information stored in certain log files.. The vulnerability is due to insufficient controls related to Syslog based log subscriptions.. An attacker could exploit this vulnerability by waiting for the legitimate syslog server to go offline and impersonating it. An exploit could allow the attacker to obtain sensitive information stored in the product logs that are being sent via syslog. An attacker cannot exploit this vulnerability to affect the availability of the syslog server. Conditions: This vulnerability Cisco SMA configured to send out log subscriptions via Syslog. This vulnerability can only be exploited if the legitimate Syslog server goes offline and the attacker is able to impersonate it.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases