This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote security appliance is missing a vendor-supplied patch.
According to its self-reported version, the version of Cisco Content
Security Management Appliance running on the remote host is affected
by a remote code execution vulnerability due to a flaw in Cisco
AsyncOS. An authenticated attacker could potentially exploit this
vulnerability to execute arbitrary code with the privileges of the
Note: In order to exploit this vulnerability, the FTP service and
Safelist/Blocklist (SLBL) service must be enabled.
See also :
Apply the relevant update referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 7.4
Public Exploit Available : false