The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Cisco ESA

vulnerability announce CVE-2018-0140

Cisco Email Security Appliance, Content Security Management Appliance: mail disclosure

Synthesis of the vulnerability

An attacker can tamper with the spam manager of Cisco Email Security Appliance and Content Security Management Appliance, in order to get any any mail.
Impacted products: AsyncOS, Cisco Content SMA, Cisco ESA.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 08/02/2018.
Identifiers: cisco-sa-20180207-esacsm, CVE-2018-0140, VIGILANCE-VUL-25252.

Description of the vulnerability

An attacker can tamper with the spam manager of Cisco Email Security Appliance and Content Security Management Appliance, in order to get any any mail.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-0095

Cisco ESA/SMA: privilege escalation via CLI

Synthesis of the vulnerability

An attacker can bypass restrictions via CLI of Cisco ESA/SMA, in order to escalate his privileges.
Impacted products: AsyncOS, Cisco Content SMA, Cisco ESA.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: document.
Creation date: 18/01/2018.
Identifiers: CERTFR-2018-AVI-042, cisco-sa-20180117-esasma, CSCvb34303, CSCvb35726, CVE-2018-0095, VIGILANCE-VUL-25102.

Description of the vulnerability

An attacker can bypass restrictions via CLI of Cisco ESA/SMA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-12353

Cisco Email Security Appliance: privilege escalation via MIME Header

Synthesis of the vulnerability

An attacker can bypass restrictions via MIME Header of Cisco Email Security Appliance, in order to escalate his privileges.
Impacted products: AsyncOS, Cisco ESA.
Severity: 2/4.
Consequences: data reading, data flow.
Provenance: document.
Creation date: 30/11/2017.
Revision date: 11/12/2017.
Identifiers: cisco-sa-20171129-esa, CSCvf44666, CVE-2017-12353, VIGILANCE-VUL-24577.

Description of the vulnerability

An attacker can bypass restrictions via MIME Header of Cisco Email Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-12309

Cisco ESA/SMA: read-write access via HTTP Response Splitting

Synthesis of the vulnerability

An attacker can bypass access restrictions via HTTP Response Splitting of Cisco ESA/SMA, in order to read or alter data.
Impacted products: AsyncOS, Cisco Content SMA, Cisco ESA.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: internet client.
Creation date: 16/11/2017.
Identifiers: cisco-sa-20171115-esa, CSCvf16705, CSCvj76180, CVE-2017-12309, VIGILANCE-VUL-24477.

Description of the vulnerability

An attacker can bypass access restrictions via HTTP Response Splitting of Cisco ESA/SMA, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-12215

Cisco ESA: memory leak via Attachments

Synthesis of the vulnerability

An attacker can create a memory leak via Attachments of Cisco ESA, in order to trigger a denial of service.
Impacted products: AsyncOS, Cisco ESA.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 21/09/2017.
Identifiers: CERTFR-2017-AVI-317, cisco-sa-20170920-esa, CSCvd29354, CVE-2017-12215, VIGILANCE-VUL-23896.

Description of the vulnerability

An attacker can create a memory leak via Attachments of Cisco ESA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-12218

Cisco Email Security Appliance: delivery of malicious EML attachment

Synthesis of the vulnerability

The Cisco Email Security Appliance product does not correctly filter EML attachments.
Impacted products: AsyncOS, Cisco ESA.
Severity: 2/4.
Consequences: data flow.
Provenance: document.
Creation date: 07/09/2017.
Identifiers: cisco-sa-20170906-esa, CSCuz81533, CVE-2017-12218, VIGILANCE-VUL-23765.

Description of the vulnerability

The Cisco Email Security Appliance product does not correctly filter EML attachments.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-6783

Cisco WSA/ESA/SMA: information disclosure via SNMP Polling

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via SNMP Polling of Cisco WSA/ESA/SMA, in order to obtain sensitive information.
Impacted products: AsyncOS, Cisco Content SMA, Cisco ESA, Cisco WSA.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 17/08/2017.
Identifiers: CERTFR-2017-AVI-269, cisco-sa-20170816-csa, CSCve26106, CSCve26202, CSCve26224, CVE-2017-6783, VIGILANCE-VUL-23555.

Description of the vulnerability

An attacker can bypass access restrictions to data via SNMP Polling of Cisco WSA/ESA/SMA, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-6661

Cisco Email Security and Content Security Management Appliance: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Cisco Email Security Appliance and Content Security Management Appliance, in order to run JavaScript code in the context of the web site.
Impacted products: AsyncOS, Cisco Content SMA, Cisco ESA.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 08/06/2017.
Identifiers: cisco-sa-20170607-esa, CVE-2017-6661, VIGILANCE-VUL-22926.

Description of the vulnerability

An attacker can trigger a Cross Site Scripting in Cisco Email Security Appliance and Content Security Management Appliance, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-3733

OpenSSL: denial of service via the "Encrypt-Then-Mac" option

Synthesis of the vulnerability

An attacker can change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service.
Impacted products: Cisco ASR, Cisco ATA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Router, Cisco CUCM, Cisco Manager Attendant Console, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, HP Operations, IRAD, Tivoli Storage Manager, OpenSSL, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Identity Management, Oracle iPlanet Web Server, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 16/02/2017.
Identifiers: 2003480, 2003620, 2003673, 2004940, CERTFR-2017-AVI-035, cisco-sa-20170130-openssl, cpuapr2019, cpujan2018, cpuoct2017, CVE-2017-3733, HPESBGN03728, VIGILANCE-VUL-21871.

Description of the vulnerability

OpenSSL implements the possibility of renegotiation of TLS option and parameters during a session.

However, for some combinations of algorithms, the negation of the state of the option "Encrypt-Then-Mac" generates a fatal error.

An attacker can therefore change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-3827

Cisco AsyncOS: filtering bypass via MIME typing

Synthesis of the vulnerability

An attacker can tamper with MIME headers in SMTP and HTTP connections filtered by Cisco AsyncOS, in order to bypass the content filtering.
Impacted products: AsyncOS, Cisco ESA.
Severity: 2/4.
Consequences: data flow.
Provenance: document.
Creation date: 16/02/2017.
Identifiers: CERTFR-2017-AVI-052, cisco-sa-20170215-asyncos, CVE-2017-3827, VIGILANCE-VUL-21863.

Description of the vulnerability

The Cisco AsyncOS product is used to filter exchanged data in mail and web.

However, some syntax errors in the MIME headers disable the processing of the current file.

An attacker can therefore tamper with MIME headers in SMTP and HTTP connections filtered by Cisco AsyncOS, in order to bypass the content filtering.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco ESA: