Cisco has released an update which addresses a trio of vulnerabilities in its IronPort line of products.
The company said that the flaws affect versions 6.2 and 6.5 of the IronPort Encryption appliance as well as IronPort PostX MAP. The company said that the IronPort C, M and S appliances were not believed to be vulnerable.
Cisco reported that two of the flaws, if exploited, could allow an attacker to view sensitive system administration, while the third could allow an attacker to remotely execute code.
The first of the information disclosure flaws was found in the appliance's administration interface component, while the second vulernability was found in the WebSafe Servlet component.
The remote code execution vulnerability was found within the HTTPS server component. That vulnerability can be mitigated by restricting access to trusted IP addresses, the company said.
Administrators looking to obtain and install the fixes are advised to contact Cisco's IronPort technical support team.
.png&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
