ID

VAR-201703-0883


CVE

CVE-2017-3870


TITLE

Vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance that allows bypass of a configured URL filter rule

Trust: 0.8

sources: JVNDB: JVNDB-2017-002483

DESCRIPTION

A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010. Cisco AsyncOS for Web Security Appliance (WSA) is a product of Cisco Systems, Inc., which is a network security device. Cisco AsyncOS is a set of operating systems used in this product. A remote security bypass vulnerability exists in Cisco AsyncOS for Web Security Appliance. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized actions, resulting in further attacks. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCvc69700. The vulnerability stems from the fact that the program does not fully authenticate user requests.

Trust: 2.52

sources: NVD: CVE-2017-3870 // JVNDB: JVNDB-2017-002483 // CNVD: CNVD-2017-03307 // BID: 96907 // VULHUB: VHN-112073

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-03307

AFFECTED PRODUCTS

vendor: cisco, model: web security appliance, scope: eq, version: 9.1.2-010

Trust: 1.6

vendor: cisco, model: web security appliance, scope: eq, version: 8.5.3-069

Trust: 1.6

vendor: cisco, model: web security appliance, scope: eq, version: 9.1.1-074

Trust: 1.6

vendor: cisco, model: asyncos software, scope: eq, version: 0

Trust: 0.9

vendor: cisco, model: web security the appliance software, scope: eq, version: 8.5.3-069

Trust: 0.8

vendor: cisco, model: web security the appliance software, scope: eq, version: 9.1.1-074

Trust: 0.8

vendor: cisco, model: web security the appliance software, scope: eq, version: 9.1.2-010

Trust: 0.8

vendor: cisco, model: web security appliance, scope: -, version: -

Trust: 0.6

vendor: cisco, model: web security appliance, scope: eq, version: 0

Trust: 0.3

sources: CNVD: CNVD-2017-03307 // BID: 96907 // JVNDB: JVNDB-2017-002483 // CNNVD: CNNVD-201703-682 // NVD: CVE-2017-3870

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3870
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-3870
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-03307
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201703-682
value: MEDIUM

Trust: 0.6

VULHUB: VHN-112073
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-3870
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-03307
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-112073
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3870
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-03307 // VULHUB: VHN-112073 // JVNDB: JVNDB-2017-002483 // CNNVD: CNNVD-201703-682 // NVD: CVE-2017-3870

PROBLEMTYPE DATA

problemtype: CWE-119

Trust: 1.9

sources: VULHUB: VHN-112073 // JVNDB: JVNDB-2017-002483 // NVD: CVE-2017-3870

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-682

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201703-682

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002483

PATCH

title: cisco-sa-20170315-wsa
url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa

Trust: 0.8

title: Patch for Cisco AsyncOS Remote Security Bypass Vulnerability (CNVD-2017-03307)
url: https://www.cnvd.org.cn/patchInfo/show/90862

Trust: 0.6

title: Cisco Web Security Appliance AsyncOS Software Security vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68524

Trust: 0.6

sources: CNVD: CNVD-2017-03307 // JVNDB: JVNDB-2017-002483 // CNNVD: CNNVD-201703-682

EXTERNAL IDS

db: NVD, id: CVE-2017-3870

Trust: 3.4

db: BID, id: 96907

Trust: 2.6

db: SECTRACK, id: 1038043

Trust: 1.1

db: JVNDB, id: JVNDB-2017-002483

Trust: 0.8

db: CNNVD, id: CNNVD-201703-682

Trust: 0.7

db: CNVD, id: CNVD-2017-03307

Trust: 0.6

db: VULHUB, id: VHN-112073

Trust: 0.1

sources: CNVD: CNVD-2017-03307 // VULHUB: VHN-112073 // BID: 96907 // JVNDB: JVNDB-2017-002483 // CNNVD: CNNVD-201703-682 // NVD: CVE-2017-3870

REFERENCES

url:http://www.securityfocus.com/bid/96907

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170315-wsa

Trust: 2.0

url:http://www.securitytracker.com/id/1038043

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3870

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-3870

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2017-03307 // VULHUB: VHN-112073 // BID: 96907 // JVNDB: JVNDB-2017-002483 // CNNVD: CNNVD-201703-682 // NVD: CVE-2017-3870

CREDITS

Cisco

Trust: 0.9

sources: BID: 96907 // CNNVD: CNNVD-201703-682

SOURCES

db: CNVD, id: CNVD-2017-03307
db: VULHUB, id: VHN-112073
db: BID, id: 96907
db: JVNDB, id: JVNDB-2017-002483
db: CNNVD, id: CNNVD-201703-682
db: NVD, id: CVE-2017-3870

LAST UPDATE DATE

2024-11-23T22:07:30.652000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2017-03307, date: 2017-03-24T00:00:00
db: VULHUB, id: VHN-112073, date: 2017-07-12T00:00:00
db: BID, id: 96907, date: 2017-03-16T00:03:00
db: JVNDB, id: JVNDB-2017-002483, date: 2017-04-17T00:00:00
db: CNNVD, id: CNNVD-201703-682, date: 2017-03-17T00:00:00
db: NVD, id: CVE-2017-3870, date: 2024-11-21T03:26:17.017

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2017-03307, date: 2017-03-24T00:00:00
db: VULHUB, id: VHN-112073, date: 2017-03-17T00:00:00
db: BID, id: 96907, date: 2017-03-15T00:00:00
db: JVNDB, id: JVNDB-2017-002483, date: 2017-04-17T00:00:00
db: CNNVD, id: CNNVD-201703-682, date: 2017-03-17T00:00:00
db: NVD, id: CVE-2017-3870, date: 2017-03-17T22:59:00.343