Details of VAR-201701-0726

ID

VAR-201701-0726

CVE

CVE-2017-3800

TITLE

Cisco E Email Security For appliance AsyncOS Vulnerability in software content scanning engine that bypasses configured message or content filtering

Trust: 0.8

sources: JVNDB: JVNDB-2017-001386

DESCRIPTION

A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz16076. Known Affected Releases: 9.7.1-066 9.7.1-HP2-207 9.8.5-085. Known Fixed Releases: 10.0.1-083 10.0.1-087. The CiscoAsyncOSonEmailSecurityAppliance(ESA)device is a set of operating systems running on an Email Security Appliance (ESA) from Cisco. A remote security bypass vulnerability exists in CiscoEmailSecurityApplianceforAsyncOS. The attacker exploited the vulnerability to bypass security restrictions and perform unauthorized actions and launch further attacks. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCuz16076

Trust: 2.52

sources: NVD: CVE-2017-3800 // JVNDB: JVNDB-2017-001386 // CNVD: CNVD-2017-01034 // BID: 95637 // VULHUB: VHN-112003

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-01034

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.1-hp2-207	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.1-066	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.8.5-085	Trust: 1.6
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.7.1-066	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.7.1-hp2-207	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.8.5-085	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	-	Trust: 0.3

sources: CNVD: CNVD-2017-01034 // BID: 95637 // JVNDB: JVNDB-2017-001386 // CNNVD: CNNVD-201701-779 // NVD: CVE-2017-3800

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-3800
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-3800
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-01034
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201701-779
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-112003
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-3800
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-01034
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-112003
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-3800
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-01034 // VULHUB: VHN-112003 // JVNDB: JVNDB-2017-001386 // CNNVD: CNNVD-201701-779 // NVD: CVE-2017-3800

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-112003 // JVNDB: JVNDB-2017-001386 // NVD: CVE-2017-3800

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201701-779

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201701-779

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-001386

PATCH

title:	cisco-sa-20170118-esa	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-esa	Trust: 0.8
title:	CiscoEmailSecurityApplianceforAsyncOS Remote Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/88717	Trust: 0.6
title:	Cisco Email Security Appliance for AsyncOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67338	Trust: 0.6

sources: CNVD: CNVD-2017-01034 // JVNDB: JVNDB-2017-001386 // CNNVD: CNNVD-201701-779

EXTERNAL IDS

db:	NVD	id:	CVE-2017-3800	Trust: 3.4
db:	BID	id:	95637	Trust: 2.6
db:	SECTRACK	id:	1037656	Trust: 1.1
db:	JVNDB	id:	JVNDB-2017-001386	Trust: 0.8
db:	CNNVD	id:	CNNVD-201701-779	Trust: 0.7
db:	CNVD	id:	CNVD-2017-01034	Trust: 0.6
db:	VULHUB	id:	VHN-112003	Trust: 0.1

sources: CNVD: CNVD-2017-01034 // VULHUB: VHN-112003 // BID: 95637 // JVNDB: JVNDB-2017-001386 // CNNVD: CNNVD-201701-779 // NVD: CVE-2017-3800

REFERENCES

url:	http://www.securityfocus.com/bid/95637	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170118-esa	Trust: 2.0
url:	http://www.securitytracker.com/id/1037656	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3800	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3800	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-01034 // VULHUB: VHN-112003 // BID: 95637 // JVNDB: JVNDB-2017-001386 // CNNVD: CNNVD-201701-779 // NVD: CVE-2017-3800

CREDITS

Cisco

Trust: 0.9

sources: BID: 95637 // CNNVD: CNNVD-201701-779

SOURCES

db:	CNVD	id:	CNVD-2017-01034
db:	VULHUB	id:	VHN-112003
db:	BID	id:	95637
db:	JVNDB	id:	JVNDB-2017-001386
db:	CNNVD	id:	CNNVD-201701-779
db:	NVD	id:	CVE-2017-3800

LAST UPDATE DATE

2024-11-23T21:42:04.034000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-01034	date:	2017-02-07T00:00:00
db:	VULHUB	id:	VHN-112003	date:	2017-07-26T00:00:00
db:	BID	id:	95637	date:	2017-01-23T02:11:00
db:	JVNDB	id:	JVNDB-2017-001386	date:	2017-02-09T00:00:00
db:	CNNVD	id:	CNNVD-201701-779	date:	2017-02-08T00:00:00
db:	NVD	id:	CVE-2017-3800	date:	2024-11-21T03:26:08.437

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-01034	date:	2017-02-07T00:00:00
db:	VULHUB	id:	VHN-112003	date:	2017-01-26T00:00:00
db:	BID	id:	95637	date:	2017-01-18T00:00:00
db:	JVNDB	id:	JVNDB-2017-001386	date:	2017-02-09T00:00:00
db:	CNNVD	id:	CNNVD-201701-779	date:	2017-01-20T00:00:00
db:	NVD	id:	CVE-2017-3800	date:	2017-01-26T07:59:00.513