Cisco Content Security Management Appliance and Cisco Email Security Appliance Information Disclosure Vulnerability

A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to gain out-of-scope access to email.

The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-sma-info-dis

Security Impact Rating: Medium

CVE: CVE-2019-12635


How to Install a Citrix License – All Products

This article describes how to install Citrix licenses on a Citrix License Server and on a Citrix network appliance.

The new Citrix License Portal will provide product-specific steps on how to install:

  • New licenses on a new product installation
  • New licenses to an existing installation
  • Renewed licenses


Citrix License Portal

Please visit the Citrix License Portal for guidance


Customizing the on-premises Citrix Gateway authentication page to look identical to Citrix Cloud logon page

Important! Citrix does not support customizations and cannot offer support to resolve the issue beyond reverting to a default theme.

Points to Note

These changes are limited to the RfWebUI theme. They affect RfWebUI and any custom theme based on RfWebUI, because the RfWebUI theme source code is replaced. When making these changes, note the following:

  • RfWebUI is supported only for the Citrix Gateway as an identity provider use case.
  • RfWebUI is not supported for any other on-premises use cases such as clientless VPN, VPN, or HDX proxy. For these use cases, classic authentication policies with any of the non-RfWebUI themes (Default, Green Bubble, X1) or any custom themes based on these must be used.

Steps

  1. Take a backup of the LogonPoint directory present in /var/netscaler/logon/
  2. Download the LogonPoint.zip available here
  3. Unzip LogonPoint.zip and replace /var/netscaler/logon/LogonPoint in the Citrix ADC with the LogonPoint folder from the extracted archive.
  4. Bind either the RfWebUI theme or an RfWebUI based custom theme to the authentication virtual server that acts as the identity provider.
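
Steps 1 and 3 can be scripted so that the replacement is never applied without a verified backup and can be reverted to the default theme files. The following is an added example, not part of the original article or Citrix tooling; the function names and the backup directory argument are hypothetical, and it assumes LogonPoint.zip has already been unzipped.

```shell
#!/bin/sh
# Added example. On the ADC, LOGON_DIR is /var/netscaler/logon (from the steps).

# replace_logonpoint LOGON_DIR NEW_DIR BACKUP_DIR
# Prints the path of the backup archive on success.
replace_logonpoint() {
    logon_dir=$1; new_dir=$2; backup_dir=$3
    target="$logon_dir/LogonPoint"

    [ -d "$target" ] || { echo "missing $target" >&2; return 1; }
    # Refuse a source that is not an extracted LogonPoint folder.
    [ -d "$new_dir" ] && [ "$(basename "$new_dir")" = "LogonPoint" ] \
        || { echo "not a LogonPoint folder: $new_dir" >&2; return 1; }

    # Step 1: timestamped backup, checked readable before anything is touched.
    mkdir -p "$backup_dir" || return 1
    backup="$backup_dir/LogonPoint-$(date +%Y%m%d%H%M%S).tgz"
    tar -czf "$backup" -C "$logon_dir" LogonPoint || return 1
    tar -tzf "$backup" >/dev/null || { echo "backup unreadable" >&2; return 1; }

    # Step 3: copy to a staging name beside the target, then swap, so a
    # failed copy never leaves a half-written logon page in place.
    staging="$logon_dir/LogonPoint.new.$$"
    old="$logon_dir/LogonPoint.old.$$"
    rm -rf "$staging"
    if ! cp -Rp "$new_dir" "$staging"; then
        rm -rf "$staging"; return 1
    fi
    mv "$target" "$old" || { rm -rf "$staging"; return 1; }
    if ! mv "$staging" "$target"; then
        mv "$old" "$target"; rm -rf "$staging"; return 1  # put original back
    fi
    rm -rf "$old"
    printf '%s\n' "$backup"
}

# restore_logonpoint LOGON_DIR BACKUP_ARCHIVE
# Reverts LogonPoint to the backed-up copy.
restore_logonpoint() {
    logon_dir=$1; backup=$2
    tar -tzf "$backup" >/dev/null || return 1
    rm -rf "$logon_dir/LogonPoint"
    tar -xzf "$backup" -C "$logon_dir"
}
```

Keep the printed backup path; it is the argument restore_logonpoint needs if the customized page has to be reverted.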

After making these changes, RfWebUI is expected to look like the following image
