CVE-2019-1905
Cisco Email Security Appliance GZIP Content Filter Bypass Vulnerability
Public Exploits: 0
Exploited in Wild: -
Descriptions
A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-formatted files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted GZIP-compressed file. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email.
SSVC
- Decision: Attend
Timeline
- 2018-12-06 CVE Reserved
- 2019-06-20 CVE Published
- 2024-11-10 EPSS Updated
- 2024-11-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/108856 | Third Party Advisory |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Cisco | Email Security Appliance | 11.1.2 | - | Affected |
Cisco | Email Security Appliance | 12.0.0 | - | Affected |