Sign-up

ID

VAR-201508-0491


CVE

CVE-2015-4322


TITLE

Cisco content Security Management Appliance vulnerable to reading spam quarantine folders for arbitrary users

Trust: 0.8

sources: JVNDB: JVNDB-2015-004362

DESCRIPTION

Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894. Cisco Content Security Management Appliance is prone to a privilege-escalation vulnerability. An attacker can leverage this issue to gain unauthorized access to an affected system with elevated privileges. This issue is being tracked by Cisco Bug ID CSCuv65894. This appliance is mainly used to manage all policies, reports, audit information, etc. of email and web security appliances. The following releases are affected: Cisco SMA Release 8.3.6-039, Release 9.1.0-31, Release 9.1.0-103

Trust: 1.98

sources: NVD: CVE-2015-4322 // JVNDB: JVNDB-2015-004362 // BID: 76365 // VULHUB: VHN-82283

AFFECTED PRODUCTS

vendor:ciscomodel:content security management appliancescope:eqversion:9.1.0-103

Trust: 1.9

vendor:ciscomodel:content security management appliancescope:eqversion:8.3.6-039

Trust: 1.9

vendor:ciscomodel:content security management appliancescope:eqversion:9.1.0-31

Trust: 1.6

vendor:ciscomodel:content security management appliance softwarescope:eqversion:8.3.6-039

Trust: 0.8

vendor:ciscomodel:content security management appliance softwarescope:eqversion:9.1.0-031

Trust: 0.8

vendor:ciscomodel:content security management appliance softwarescope:eqversion:9.1.0-103

Trust: 0.8

vendor:ciscomodel:content security management appliancescope:eqversion:9.1.0-031

Trust: 0.3

sources: BID: 76365 // JVNDB: JVNDB-2015-004362 // CNNVD: CNNVD-201508-363 // NVD: CVE-2015-4322

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-4322
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-4322
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201508-363
value: MEDIUM

Trust: 0.6

VULHUB: VHN-82283
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-4322
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-82283
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-82283 // JVNDB: JVNDB-2015-004362 // CNNVD: CNNVD-201508-363 // NVD: CVE-2015-4322

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-82283 // JVNDB: JVNDB-2015-004362 // NVD: CVE-2015-4322

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201508-363

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201508-363

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-004362

PATCH
title:40450url:http://tools.cisco.com/security/center/viewAlert.x?alertId=40450
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-004362

EXTERNAL IDS
db:NVDid:CVE-2015-4322
Trust: 2.8
db:BIDid:76365
Trust: 2.0
db:SECTRACKid:1033322
Trust: 1.1
db:JVNDBid:JVNDB-2015-004362
Trust: 0.8
db:CNNVDid:CNNVD-201508-363
Trust: 0.7
db:VULHUBid:VHN-82283
Trust: 0.1
sources:
            
            
            VULHUB: VHN-82283 // 
            
            
            
            BID: 76365 // 
            
            
            
            JVNDB: JVNDB-2015-004362 // 
            
            
            
            CNNVD: CNNVD-201508-363 // 
            
            
            
            NVD: CVE-2015-4322

REFERENCES
url:http://www.securityfocus.com/bid/76365
Trust: 1.7
url:http://tools.cisco.com/security/center/viewalert.x?alertid=40450
Trust: 1.7
url:http://www.securitytracker.com/id/1033322
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4322
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4322
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=40450 
Trust: 0.3
sources:
            
            
            VULHUB: VHN-82283 // 
            
            
            
            BID: 76365 // 
            
            
            
            JVNDB: JVNDB-2015-004362 // 
            
            
            
            CNNVD: CNNVD-201508-363 // 
            
            
            
            NVD: CVE-2015-4322

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 76365 // 
            
            
            
            CNNVD: CNNVD-201508-363

SOURCES
db:VULHUBid:VHN-82283
db:BIDid:76365
db:JVNDBid:JVNDB-2015-004362
db:CNNVDid:CNNVD-201508-363
db:NVDid:CVE-2015-4322

LAST UPDATE DATE
2024-11-23T22:01:43.144000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-82283date:2017-09-20T00:00:00
db:BIDid:76365date:2015-08-14T00:00:00
db:JVNDBid:JVNDB-2015-004362date:2015-08-25T00:00:00
db:CNNVDid:CNNVD-201508-363date:2015-08-20T00:00:00
db:NVDid:CVE-2015-4322date:2024-11-21T02:30:49.857

SOURCES RELEASE DATE
db:VULHUBid:VHN-82283date:2015-08-19T00:00:00
db:BIDid:76365date:2015-08-14T00:00:00
db:JVNDBid:JVNDB-2015-004362date:2015-08-25T00:00:00
db:CNNVDid:CNNVD-201508-363date:2015-08-19T00:00:00
db:NVDid:CVE-2015-4322date:2015-08-19T15:59:05.883