Sign-up

ID

VAR-201908-0833


CVE

CVE-2019-1955


TITLE

Cisco Email Security Appliance of AsyncOS Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-007630

DESCRIPTION

A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. A successful exploit could allow the attacker to bypass the header filters that are configured for the affected device, which could allow malicious content to pass through the device. AsyncOS Software is a set of operating systems running on it

Trust: 1.71

sources: NVD: CVE-2019-1955 // JVNDB: JVNDB-2019-007630 // VULHUB: VHN-152007

AFFECTED PRODUCTS

vendor:ciscomodel:email security appliancescope:ltversion:4.0mr1

Trust: 1.0

vendor:ciscomodel:email security appliancescope:eqversion:12.0

Trust: 1.0

vendor:ciscomodel:e email security appliancescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-007630 // NVD: CVE-2019-1955

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1955
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1955
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1955
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201908-547
value: HIGH

Trust: 0.6

VULHUB: VHN-152007
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1955
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-152007
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1955
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1955
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: CVE-2019-1955
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-152007 // JVNDB: JVNDB-2019-007630 // CNNVD: CNNVD-201908-547 // NVD: CVE-2019-1955 // NVD: CVE-2019-1955

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-152007 // JVNDB: JVNDB-2019-007630 // NVD: CVE-2019-1955

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-547

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201908-547

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-007630

PATCH
title:cisco-sa-20190807-esm-injecturl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-esm-inject
Trust: 0.8
title:Cisco Email Security Appliance AsyncOS Software Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96244
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-007630 // 
            
            
            
            CNNVD: CNNVD-201908-547

EXTERNAL IDS
db:NVDid:CVE-2019-1955
Trust: 2.5
db:JVNDBid:JVNDB-2019-007630
Trust: 0.8
db:CNNVDid:CNNVD-201908-547
Trust: 0.7
db:AUSCERTid:ESB-2019.2992
Trust: 0.6
db:AUSCERTid:ESB-2019.2992.2
Trust: 0.6
db:VULHUBid:VHN-152007
Trust: 0.1
sources:
            
            
            VULHUB: VHN-152007 // 
            
            
            
            JVNDB: JVNDB-2019-007630 // 
            
            
            
            CNNVD: CNNVD-201908-547 // 
            
            
            
            NVD: CVE-2019-1955

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190807-esm-inject
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-1955
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1955
Trust: 0.8
url:https://vigilance.fr/vulnerability/cisco-esa-privilege-escalation-via-spf-header-bypass-29979
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.2992.2/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.2992/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-152007 // 
            
            
            
            JVNDB: JVNDB-2019-007630 // 
            
            
            
            CNNVD: CNNVD-201908-547 // 
            
            
            
            NVD: CVE-2019-1955

CREDITS
Marcel Maeder of Netcloud AG .
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201908-547

SOURCES
db:VULHUBid:VHN-152007
db:JVNDBid:JVNDB-2019-007630
db:CNNVDid:CNNVD-201908-547
db:NVDid:CVE-2019-1955

LAST UPDATE DATE
2024-11-23T21:36:57.873000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-152007date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2019-007630date:2019-08-16T00:00:00
db:CNNVDid:CNNVD-201908-547date:2019-10-08T00:00:00
db:NVDid:CVE-2019-1955date:2024-11-21T04:37:45.750

SOURCES RELEASE DATE
db:VULHUBid:VHN-152007date:2019-08-08T00:00:00
db:JVNDBid:JVNDB-2019-007630date:2019-08-16T00:00:00
db:CNNVDid:CNNVD-201908-547date:2019-08-07T00:00:00
db:NVDid:CVE-2019-1955date:2019-08-08T08:15:12.537