Sign-up

ID

VAR-201702-0786


CVE

CVE-2017-3818


TITLE

Cisco ESA of AsyncOS Software MIME Vulnerability in the scanner that bypasses the user filter set on the device

Trust: 0.8

sources: JVNDB: JVNDB-2017-001722

DESCRIPTION

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. More Information: CSCvb65245. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 9.8.0-092. This vulnerability " Malformed MIME Avoid header filtering (Malformed MIME Header Filtering Bypass)" It is called. CiscoAsyncOSSoftwarefor CiscoEmailSecurityAppliances (ESA) is a set of operating systems used by Cisco Systems in the Email Security Appliance (ESA). An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvb65245

Trust: 2.52

sources: NVD: CVE-2017-3818 // JVNDB: JVNDB-2017-001722 // CNVD: CNVD-2017-01167 // BID: 95939 // VULHUB: VHN-112021

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-01167

AFFECTED PRODUCTS

vendor:ciscomodel:email security appliancescope:eqversion:9.7.1-066

Trust: 2.5

vendor:ciscomodel:asyncos softwarescope:eqversion:0

Trust: 0.9

vendor:ciscomodel:e email security the appliancescope:eqversion:9.7.1-066

Trust: 0.8

vendor:ciscomodel:email security appliancescope:neversion:9.8.0-092

Trust: 0.3

sources: CNVD: CNVD-2017-01167 // BID: 95939 // JVNDB: JVNDB-2017-001722 // CNNVD: CNNVD-201702-016 // NVD: CVE-2017-3818

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3818
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-3818
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-01167
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201702-016
value: MEDIUM

Trust: 0.6

VULHUB: VHN-112021
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-3818
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-01167
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-112021
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3818
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-01167 // VULHUB: VHN-112021 // JVNDB: JVNDB-2017-001722 // CNNVD: CNNVD-201702-016 // NVD: CVE-2017-3818

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-112021 // JVNDB: JVNDB-2017-001722 // NVD: CVE-2017-3818

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-016

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201702-016

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-001722

PATCH
title:cisco-sa-20170201-esa1url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-esa1
Trust: 0.8
title:CiscoEmailSecurityApplianceforAsyncOS security bypass vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/88869
Trust: 0.6
title:Cisco AsyncOS Software for Cisco Email Security Appliances Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67406
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-01167 // 
            
            
            
            JVNDB: JVNDB-2017-001722 // 
            
            
            
            CNNVD: CNNVD-201702-016

EXTERNAL IDS
db:NVDid:CVE-2017-3818
Trust: 3.4
db:BIDid:95939
Trust: 2.0
db:SECTRACKid:1037773
Trust: 1.1
db:JVNDBid:JVNDB-2017-001722
Trust: 0.8
db:CNNVDid:CNNVD-201702-016
Trust: 0.7
db:CNVDid:CNVD-2017-01167
Trust: 0.6
db:VULHUBid:VHN-112021
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-01167 // 
            
            
            
            VULHUB: VHN-112021 // 
            
            
            
            BID: 95939 // 
            
            
            
            JVNDB: JVNDB-2017-001722 // 
            
            
            
            CNNVD: CNNVD-201702-016 // 
            
            
            
            NVD: CVE-2017-3818

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170201-esa1
Trust: 2.6
url:http://www.securityfocus.com/bid/95939
Trust: 1.1
url:http://www.securitytracker.com/id/1037773
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3818
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3818
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-01167 // 
            
            
            
            VULHUB: VHN-112021 // 
            
            
            
            BID: 95939 // 
            
            
            
            JVNDB: JVNDB-2017-001722 // 
            
            
            
            CNNVD: CNNVD-201702-016 // 
            
            
            
            NVD: CVE-2017-3818

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 95939

SOURCES
db:CNVDid:CNVD-2017-01167
db:VULHUBid:VHN-112021
db:BIDid:95939
db:JVNDBid:JVNDB-2017-001722
db:CNNVDid:CNNVD-201702-016
db:NVDid:CVE-2017-3818

LAST UPDATE DATE
2025-04-20T23:26:13.399000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-01167date:2017-02-09T00:00:00
db:VULHUBid:VHN-112021date:2017-07-25T00:00:00
db:BIDid:95939date:2017-02-02T00:09:00
db:JVNDBid:JVNDB-2017-001722date:2017-03-15T00:00:00
db:CNNVDid:CNNVD-201702-016date:2017-02-16T00:00:00
db:NVDid:CVE-2017-3818date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-01167date:2017-02-09T00:00:00
db:VULHUBid:VHN-112021date:2017-02-03T00:00:00
db:BIDid:95939date:2017-02-01T00:00:00
db:JVNDBid:JVNDB-2017-001722date:2017-03-15T00:00:00
db:CNNVDid:CNNVD-201702-016date:2017-02-04T00:00:00
db:NVDid:CVE-2017-3818date:2017-02-03T07:59:00.810