1. Home
  2. CVE Database
  3. CVE-2009-0054
MEDIUM · 4.3

CVE-2009-0054

PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2....

Vulnerability Description

PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
CiscoIronport Encryption Appliance6.2.4
CiscoIronport Postx6.2.1

Related Weaknesses (CWE)

CWE-255

References

FAQ

What is CVE-2009-0054?

CVE-2009-0054 is a vulnerability with a CVSS score of 4.3 (MEDIUM). PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2....

How severe is CVE-2009-0054?

CVE-2009-0054 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-0054?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ironport Encryption Appliance, Cisco Ironport Postx.