Details of VAR-201702-0792

ID

VAR-201702-0792

CVE

CVE-2017-3827

TITLE

Cisco ESA and WSA of AsyncOS Software MIME Vulnerability in the scanner that bypasses the user filter set on the device

Trust: 0.8

sources: JVNDB: JVNDB-2017-001728

DESCRIPTION

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, that are configured with message or content filters to scan incoming email attachments on the ESA or services scanning content of web access on the WSA. More Information: SCvb91473, CSCvc76500. Known Affected Releases: 10.0.0-203 9.9.9-894 WSA10.0.0-233. Vendors have confirmed this vulnerability Bug ID SCvb91473 and CSCvc76500 It is released as.A remote attacker may be able to bypass user filters configured on the device. Cisco AsyncOS is a set of operating systems used in these products. A remote security bypass vulnerability exists in CiscoAsyncOSforEmail and WebSecurityAppliances. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized actions, resulting in further attacks. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvb91473. The title and technical details have been changed to better reflect the vulnerability impact. The Multipurpose Internet Mail Extensions (MIME) scanner is one of those email scanners

Trust: 2.52

sources: NVD: CVE-2017-3827 // JVNDB: JVNDB-2017-001728 // CNVD: CNVD-2017-01890 // BID: 96239 // VULHUB: VHN-112030

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-01890

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-203	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.9.9-894	Trust: 1.9
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-124	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.0.0-232	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.0.0-124	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-232	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.0.0-082	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-125	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.0.0-125	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.0.0-203	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.9.6-026	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-082	Trust: 1.0
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	web security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asyncos software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.0.0-233	Trust: 0.6
vendor:	cisco	model:	asyncos	scope:	eq	version:	-	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	ne	version:	9.7.2-148	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	ne	version:	11.0.0-035	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	ne	version:	10.0.2-020	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	ne	version:	10.0.1-103	Trust: 0.3

sources: CNVD: CNVD-2017-01890 // BID: 96239 // JVNDB: JVNDB-2017-001728 // NVD: CVE-2017-3827 // CNNVD: CNNVD-201702-660

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-3827
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2017-01890
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201702-660
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-112030
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-3827
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-01890
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-112030
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2017-3827
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-01890 // VULHUB: VHN-112030 // JVNDB: JVNDB-2017-001728 // NVD: CVE-2017-3827 // CNNVD: CNNVD-201702-660

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-112030 // JVNDB: JVNDB-2017-001728 // NVD: CVE-2017-3827

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-660

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201702-660

CONFIGURATIONS

sources: NVD: CVE-2017-3827

PATCH

title:	cisco-sa-20170215-asyncos	url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170215-asyncos	Trust: 0.8
title:	CiscoAsyncOSforEmail and WebSecurityAppliances Remote Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchinfo/show/89710	Trust: 0.6
title:	Cisco AsyncOS Software for Cisco ESA and Cisco WSA Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68171	Trust: 0.6

sources: CNVD: CNVD-2017-01890 // JVNDB: JVNDB-2017-001728 // CNNVD: CNNVD-201702-660

EXTERNAL IDS

db:	NVD	id:	CVE-2017-3827	Trust: 3.4
db:	BID	id:	96239	Trust: 2.6
db:	SECTRACK	id:	1037831	Trust: 1.7
db:	SECTRACK	id:	1037832	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-001728	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-660	Trust: 0.7
db:	CNVD	id:	CNVD-2017-01890	Trust: 0.6
db:	VULHUB	id:	VHN-112030	Trust: 0.1

sources: CNVD: CNVD-2017-01890 // VULHUB: VHN-112030 // BID: 96239 // JVNDB: JVNDB-2017-001728 // NVD: CVE-2017-3827 // CNNVD: CNNVD-201702-660

REFERENCES

url:	http://www.securityfocus.com/bid/96239	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170215-asyncos	Trust: 2.0
url:	http://www.securitytracker.com/id/1037831	Trust: 1.7
url:	http://www.securitytracker.com/id/1037832	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3827	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3827	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-01890 // VULHUB: VHN-112030 // BID: 96239 // JVNDB: JVNDB-2017-001728 // NVD: CVE-2017-3827 // CNNVD: CNNVD-201702-660

CREDITS

Cisco

Trust: 0.9

sources: BID: 96239 // CNNVD: CNNVD-201702-660

SOURCES

db:	CNVD	id:	CNVD-2017-01890
db:	VULHUB	id:	VHN-112030
db:	BID	id:	96239
db:	JVNDB	id:	JVNDB-2017-001728
db:	NVD	id:	CVE-2017-3827
db:	CNNVD	id:	CNNVD-201702-660

LAST UPDATE DATE

2023-12-18T13:29:25.579000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-01890	date:	2017-02-24T00:00:00
db:	VULHUB	id:	VHN-112030	date:	2017-07-25T00:00:00
db:	BID	id:	96239	date:	2017-05-23T16:26:00
db:	JVNDB	id:	JVNDB-2017-001728	date:	2017-03-15T00:00:00
db:	NVD	id:	CVE-2017-3827	date:	2021-08-06T16:50:21.190
db:	CNNVD	id:	CNNVD-201702-660	date:	2021-08-09T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-01890	date:	2017-02-24T00:00:00
db:	VULHUB	id:	VHN-112030	date:	2017-02-22T00:00:00
db:	BID	id:	96239	date:	2017-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-001728	date:	2017-03-15T00:00:00
db:	NVD	id:	CVE-2017-3827	date:	2017-02-22T02:59:00.230
db:	CNNVD	id:	CNNVD-201702-660	date:	2017-02-22T00:00:00