Cisco Security Advisory – Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/74199/cisco-sa-20090121-csm.txt
Source: https://packetstormsecurity.com/files/74199/Cisco-Security-Advisory-20090121-csm.html