Cisco has issued alerts for a vulnerability found in its email security and web management products that could allow an authenticated remote actor to retrieve sensitive information from an affected device.
An advisory issued by Cisco this week outlined that the vulnerability—detected in the web management interface of Cisco Secure Email and Web Manager, known formerly as Cisco Security Management Appliance (CSMA), and Cisco Email Security Appliance (ESA)—allows an authenticated actor to extract sensitive information through a Lightweight Directory Access Protocol (LDAP) server connected to the affected device.
