CVE-2018-15453 – Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15453
A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an affected device to corrupt system memory. A successful exploit could cause the filtering process to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to improper input validation of S/MIME-signed emails. An attacker could exploit this vulnerability by sending a malicious S/MIME-signed email through a targeted device. If Decryption and Verification or Public Key Harvesting is configured, the filtering process could crash due to memory corruption and restart, resulting in a DoS condition. • http://www.securityfocus.com/bid/106511 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2018-0140
https://notcve.org/view.php?id=CVE-2018-0140
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295. Una vulnerabilidad en la cuarentena de spam de Cisco Email Security Appliance y Cisco Content Security Management Appliance podría permitir que un atacante remoto autenticado descargue cualquier mensaje de la cuarentena de spam modificando la información de las cadenas del navegador. • http://www.securityfocus.com/bid/103090 http://www.securitytracker.com/id/1040338 http://www.securitytracker.com/id/1040339 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-425: Direct Request ('Forced Browsing') •
CVE-2017-12309
https://notcve.org/view.php?id=CVE-2017-12309
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses. An exploit could allow the attacker to perform cross-site scripting attacks, cross-user defacement, web cache poisoning, and similar exploits. Cisco Bug IDs: CSCvf16705. • http://www.securityfocus.com/bid/101928 http://www.securitytracker.com/id/1039831 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-esa • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVE-2017-6671
https://notcve.org/view.php?id=CVE-2017-6671
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015. Una vulnerabilidad en el escaneo de mensajes de correo electrónico de Cisco AsyncOS Software para Cisco Email Security Appliance (ESA) podría permitir a un atacante remoto no autenticado omitir los filtros configurados en el dispositivo, como lo demuestra el Attachment Filter. • http://www.securityfocus.com/bid/98969 http://www.securitytracker.com/id/1038635 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esa1 • CWE-20: Improper Input Validation •
CVE-2017-3827
https://notcve.org/view.php?id=CVE-2017-3827
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, that are configured with message or content filters to scan incoming email attachments on the ESA or services scanning content of web access on the WSA. More Information: SCvb91473, CSCvc76500. Known Affected Releases: 10.0.0-203 9.9.9-894 WSA10.0.0-233. Una vulnerabilidad en el escáner Multipurpose Internet Mail Extensions (MIME) de Cisco AsyncOS Software para Cisco Email Security Appliances (ESA) y Web Security Appliances (WSA) podría permitir a un atacante remoto no autenticado eludir filtros configurados por en usuario en el dispositivo. • http://www.securityfocus.com/bid/96239 http://www.securitytracker.com/id/1037831 http://www.securitytracker.com/id/1037832 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos • CWE-20: Improper Input Validation •