// For flags

CVE-2018-15453

Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability

Severity Score

8.6
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an affected device to corrupt system memory. A successful exploit could cause the filtering process to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to improper input validation of S/MIME-signed emails. An attacker could exploit this vulnerability by sending a malicious S/MIME-signed email through a targeted device. If Decryption and Verification or Public Key Harvesting is configured, the filtering process could crash due to memory corruption and restart, resulting in a DoS condition. The software could then resume processing the same S/MIME-signed email, causing the filtering process to crash and restart again. A successful exploit could allow the attacker to cause a permanent DoS condition. This vulnerability may require manual intervention to recover the ESA.

Una vulnerabilidad en el descifrado de S/MIME (Secure/Multipurpose Internet Mail Extensions) y la verificación de características de recopilación de claves públicas de S/MIME de Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) podría permitir que un atacante remoto no autenticado provoque que el dispositivo afectado corrompa la memoria del sistema. Su explotación con éxito podría permitir que el proceso de filtrado se recargue, provocando una denegación de servicio (DoS) en el dispositivo. La vulnerabilidad se debe a una validación de entradas incorrecta de los correos electrónicos firmados por S/MIME. Un atacante podría explotar esta vulnerabilidad mediante el envío de un correo electrónico firmado por S/MIME a través de un dispositivo objetivo. Si el descifrado y la verificación o la recopilación de claves públicas están configurados, el proceso de filtrado podría cerrarse inesperadamente debido a la corrupción de memoria y reiniciarse, lo que resulta en una condición de denegación de servicio (DoS). Así, el software podría continuar el procesamiento del mismo correo firmado por S/MIME, provocando que el proceso de filtrado se cierre inesperadamente y se reinicie de nuevo. Su explotación con éxito podría permitir que el atacante provoque una condición de denegación de servicio (DoS) permanente. Esta vulnerabilidad podría requerir intervención manual para recuperar ESA.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2018-08-17 CVE Reserved
  • 2019-01-10 CVE Published
  • 2024-11-19 CVE Updated
  • 2024-11-19 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
11.0.1-401
Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "11.0.1-401"
-
Affected
Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
11.1.0-131
Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "11.1.0-131"
-
Affected