CVE-2019-15988 – Cisco Email Security Appliance URL Filtering Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-15988
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device. Una vulnerabilidad en los mecanismos de protección antispam del Software Cisco AsyncOS para Cisco Email Security Appliance (ESA), podría permitir a un atacante remoto no autenticado omitir los filtros de reputación de URL en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-esa-url-bypass • CWE-20: Improper Input Validation •
CVE-2019-15961 – Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability
https://notcve.org/view.php?id=CVE-2019-15961
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. Una vulnerabilidad en el módulo de análisis de correo electrónico de Clam AntiVirus (ClamAV) Software versiones 0.102.0, 0.101.4 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. • https://bugzilla.clamav.net/show_bug.cgi?id=12380 https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 https://security.gentoo.org/glsa/202003-46 https://usn.ubuntu.com/4230-2 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVE-2019-12706 – Cisco Email Security Appliance Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-12706
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages. An attacker could exploit this vulnerability by sending a custom SPF packet to an affected device. A successful exploit could allow the attacker to bypass the configured header filters, which could allow malicious content to pass through the device. Una vulnerabilidad en la funcionalidad Sender Policy Framework (SPF) del Software Cisco AsyncOS para Cisco Email Security Appliance (ESA), podría permitir a un atacante remoto no autenticado omitir los filtros de usuario configurados en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-esa-bypass • CWE-20: Improper Input Validation •
CVE-2019-1955 – Cisco Email Security Appliance Header Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1955
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. A successful exploit could allow the attacker to bypass the header filters that are configured for the affected device, which could allow malicious content to pass through the device. Una vulnerabilidad en la funcionalidad Sender Policy Framework (SPF) del software AsyncOS de Cisco para Email Security Appliances (ESA) de Cisco, podría permitir a un atacante remoto no autenticado omitir los filtros de usuario configurados en el dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-esm-inject • CWE-20: Improper Input Validation •
CVE-2018-15453 – Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15453
A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an affected device to corrupt system memory. A successful exploit could cause the filtering process to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to improper input validation of S/MIME-signed emails. An attacker could exploit this vulnerability by sending a malicious S/MIME-signed email through a targeted device. If Decryption and Verification or Public Key Harvesting is configured, the filtering process could crash due to memory corruption and restart, resulting in a DoS condition. • http://www.securityfocus.com/bid/106511 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •