CVE-2019-12706 – Cisco Email Security Appliance Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-12706
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages. An attacker could exploit this vulnerability by sending a custom SPF packet to an affected device. A successful exploit could allow the attacker to bypass the configured header filters, which could allow malicious content to pass through the device. Una vulnerabilidad en la funcionalidad Sender Policy Framework (SPF) del Software Cisco AsyncOS para Cisco Email Security Appliance (ESA), podría permitir a un atacante remoto no autenticado omitir los filtros de usuario configurados en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-esa-bypass • CWE-20: Improper Input Validation •
CVE-2019-1955 – Cisco Email Security Appliance Header Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1955
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. A successful exploit could allow the attacker to bypass the header filters that are configured for the affected device, which could allow malicious content to pass through the device. Una vulnerabilidad en la funcionalidad Sender Policy Framework (SPF) del software AsyncOS de Cisco para Email Security Appliances (ESA) de Cisco, podría permitir a un atacante remoto no autenticado omitir los filtros de usuario configurados en el dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-esm-inject • CWE-20: Improper Input Validation •
CVE-2019-1933 – Cisco Email Security Appliance Content Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1933
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper input validation of certain email fields. An attacker could exploit this vulnerability by sending a crafted email message to a recipient protected by the ESA. A successful exploit could allow the attacker to bypass configured message filters and inject arbitrary scripting code inside the email body. The malicious code is not executed by default unless the recipient's email client is configured to execute scripts contained in emails. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-esa-filterpass • CWE-20: Improper Input Validation •
CVE-2019-1921 – Cisco Email Security Appliance Content Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1921
A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email body. An attacker could exploit this vulnerability by naming a malicious attachment with a specific pattern. A successful exploit could allow the attacker to bypass configured content filters that would normally block the attachment. Una vulnerabilidad en el escaneo de archivos adjuntos del software AsyncOS de Cisco para Email Security Appliance (ESA) de Cisco, podría permitir a un atacante remoto no identificado omitir los filtros de contenido configurados en el dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-esa-bypass • CWE-20: Improper Input Validation •
CVE-2019-1905 – Cisco Email Security Appliance GZIP Content Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1905
A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-formatted files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted GZIP-compressed file. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. Una vulnerabilidad en el motor de descompresión GZIP del software AsyncOS de Cisco para Email Security Appliance (ESA) de Cisco, podría permitir que un atacante remoto no autenticado omita los filtros de contenido configurados en el dispositivo. • http://www.securityfocus.com/bid/108856 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-esa-bypass • CWE-20: Improper Input Validation •