ID

VAR-201410-1000


CVE

CVE-2014-3381


TITLE

Vulnerability in the ZIP inspection engine of Cisco AsyncOS running on Cisco Email Security Appliance that allows malware filtering to be bypassed

Trust: 0.8

sources: JVNDB: JVNDB-2014-004983

DESCRIPTION

The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934. The vendor has confirmed this vulnerability and published it as Bug ID CSCup07934. A third party may be able to bypass malware filtering through a crafted archive. Cisco AsyncOS is the operating system used by multiple Cisco products. A remote security bypass vulnerability exists in Cisco AsyncOS Software that allows an attacker to bypass certain security restrictions and perform unauthorized operations. Cisco AsyncOS Software is prone to a remote security-bypass vulnerability. This issue is being tracked by Cisco Bug ID CSCup07934. The vulnerability is caused by the program not correctly parsing ZIP compressed files.

Trust: 2.52

sources: NVD: CVE-2014-3381 // JVNDB: JVNDB-2014-004983 // CNVD: CNVD-2014-06731 // BID: 70414 // VULHUB: VHN-71321

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-06731

AFFECTED PRODUCTS

vendor: cisco model: asyncos scope: lte version: 8.5

Trust: 1.8

vendor: cisco model: email security appliance scope: - version: -

Trust: 0.8

vendor: cisco model: asyncos software scope: - version: -

Trust: 0.6

vendor: cisco model: asyncos scope: eq version: 8.5

Trust: 0.6

sources: CNVD: CNVD-2014-06731 // JVNDB: JVNDB-2014-004983 // CNNVD: CNNVD-201410-631 // NVD: CVE-2014-3381

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-3381
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-3381
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-06731
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201410-631
value: MEDIUM

Trust: 0.6

VULHUB: VHN-71321
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-3381
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-06731
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-71321
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-06731 // VULHUB: VHN-71321 // JVNDB: JVNDB-2014-004983 // CNNVD: CNNVD-201410-631 // NVD: CVE-2014-3381

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-71321 // JVNDB: JVNDB-2014-004983 // NVD: CVE-2014-3381

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-631

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201410-631

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004983

PATCH

title: Cisco AsyncOS Software ZIP Filtering Bypass Vulnerability url: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381

Trust: 0.8

title: 36062 url: http://tools.cisco.com/security/center/viewAlert.x?alertId=36062

Trust: 0.8

title: Cisco AsyncOS Software Remote Security Bypass Vulnerability Patch url: https://www.cnvd.org.cn/patchInfo/show/50828

Trust: 0.6

sources: CNVD: CNVD-2014-06731 // JVNDB: JVNDB-2014-004983

EXTERNAL IDS

db: NVD id: CVE-2014-3381

Trust: 3.4

db: BID id: 70414

Trust: 1.0

db: JVNDB id: JVNDB-2014-004983

Trust: 0.8

db: CNNVD id: CNNVD-201410-631

Trust: 0.7

db: CNVD id: CNVD-2014-06731

Trust: 0.6

db: VULHUB id: VHN-71321

Trust: 0.1

sources: CNVD: CNVD-2014-06731 // VULHUB: VHN-71321 // BID: 70414 // JVNDB: JVNDB-2014-004983 // CNNVD: CNNVD-201410-631 // NVD: CVE-2014-3381

REFERENCES

url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3381

Trust: 1.7

url:http://tools.cisco.com/security/center/viewalert.x?alertid=36062

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3381

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3381

Trust: 0.8

url:http://www.securityfocus.com/bid/70414

Trust: 0.6

url:www.cisco.com

Trust: 0.3

sources: CNVD: CNVD-2014-06731 // VULHUB: VHN-71321 // BID: 70414 // JVNDB: JVNDB-2014-004983 // CNNVD: CNNVD-201410-631 // NVD: CVE-2014-3381

CREDITS

Cisco

Trust: 0.3

sources: BID: 70414

SOURCES

db: CNVD id: CNVD-2014-06731
db: VULHUB id: VHN-71321
db: BID id: 70414
db: JVNDB id: JVNDB-2014-004983
db: CNNVD id: CNNVD-201410-631
db: NVD id: CVE-2014-3381

LAST UPDATE DATE

2024-11-23T23:05:45.593000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2014-06731 date: 2014-10-15T00:00:00
db: VULHUB id: VHN-71321 date: 2014-10-22T00:00:00
db: BID id: 70414 date: 2014-10-15T16:03:00
db: JVNDB id: JVNDB-2014-004983 date: 2014-10-24T00:00:00
db: CNNVD id: CNNVD-201410-631 date: 2014-10-22T00:00:00
db: NVD id: CVE-2014-3381 date: 2024-11-21T02:07:58.787

SOURCES RELEASE DATE

db: CNVD id: CNVD-2014-06731 date: 2014-10-15T00:00:00
db: VULHUB id: VHN-71321 date: 2014-10-19T00:00:00
db: BID id: 70414 date: 2014-10-13T00:00:00
db: JVNDB id: JVNDB-2014-004983 date: 2014-10-24T00:00:00
db: CNNVD id: CNNVD-201410-631 date: 2014-10-22T00:00:00
db: NVD id: CVE-2014-3381 date: 2014-10-19T01:55:13.607