Cisco Security Manager Vulnerability

Cisco recently released an out-of-band patch for their enterprise security manager application, Cisco Security Manager. This application is used to manage Cisco security devices such as firewalls, intrusion prevention systems (IPSs), or a VPN.

The vulnerability is within the Cisco IPS event viewer, which by default, is installed with the security manager application. When the IPS event viewer is launched, several remotely available TCP ports are open on the Cisco Security Manager server.

For more information on this vulnerability and to install the patch, read the Cisco Security Advisory.