CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2012-1326
https://notcve.org/view.php?id=CVE-2012-1326
Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks Cisco IronPort Web Security Appliance versiones hasta 7.5 incluyéndola, no comprueba las restricciones básicas del certificado de autoridad que podría conllevar a ataques de tipo MITM. • http://www.securityfocus.com/bid/52981 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-1326 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0334
https://notcve.org/view.php?id=CVE-2012-0334
Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks El software Cisco IronPort Web Security Appliance AsyncOS versiones anteriores a 7.5, presenta una vulnerabilidad de Almacenamiento en Caché de Certificado SSL lo que podría permitir ataques de tipo man-in-the-middle. • http://www.securityfocus.com/bid/52981 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-0334 • CWE-20: Improper Input Validation •