Details of VAR-201706-0587

ID

VAR-201706-0587

CVE

CVE-2017-6671

TITLE

Cisco Email Security Appliance for Cisco AsyncOS Vulnerability in software that bypasses filters configured on devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-004810

DESCRIPTION

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015. Vendors have confirmed this vulnerability Bug ID CSCvd34632 It is released as.A remote attacker could bypass the filters set on the device. CiscoEmailSecurityAppliance is a set of email security appliances. CiscoContentSecurityManagement is a unified email and web security management solution. An email scanning vulnerability exists in CiscoAsyncOSSoftware on CiscoEmailSecurityAppliance (ESA) devices. This vulnerability stems from incorrect authentication of emails with attachments and modified MIME headers. An unauthenticated remote attacker bypasses the configured filter. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvd34632. AsyncOS Software is the operating system used in it

Trust: 2.52

sources: NVD: CVE-2017-6671 // JVNDB: JVNDB-2017-004810 // CNVD: CNVD-2017-11578 // BID: 98969 // VULHUB: VHN-114874

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-11578

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.1-066	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.1-087	Trust: 2.5
vendor:	cisco	model:	asyncos software	scope:	eq	version:	0	Trust: 0.9
vendor:	cisco	model:	asyncos	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	ne	version:	9.8.1-015	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	ne	version:	10.0.2-020	Trust: 0.3

sources: CNVD: CNVD-2017-11578 // BID: 98969 // JVNDB: JVNDB-2017-004810 // CNNVD: CNNVD-201706-373 // NVD: CVE-2017-6671

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6671
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6671
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-11578
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201706-373
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-114874
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6671
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-11578
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-114874
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6671
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-11578 // VULHUB: VHN-114874 // JVNDB: JVNDB-2017-004810 // CNNVD: CNNVD-201706-373 // NVD: CVE-2017-6671

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-114874 // JVNDB: JVNDB-2017-004810 // NVD: CVE-2017-6671

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201706-373

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201706-373

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-004810

PATCH

title:	cisco-sa-20170607-esa1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esa1	Trust: 0.8
title:	CiscoEmailSecurityAppliance Attachment Filter bypasses vulnerability patches	url:	https://www.cnvd.org.cn/patchInfo/show/96511	Trust: 0.6
title:	Cisco Email Security Appliance AsyncOS Software Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71486	Trust: 0.6

sources: CNVD: CNVD-2017-11578 // JVNDB: JVNDB-2017-004810 // CNNVD: CNNVD-201706-373

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6671	Trust: 3.4
db:	BID	id:	98969	Trust: 2.6
db:	SECTRACK	id:	1038635	Trust: 1.1
db:	JVNDB	id:	JVNDB-2017-004810	Trust: 0.8
db:	CNNVD	id:	CNNVD-201706-373	Trust: 0.7
db:	CNVD	id:	CNVD-2017-11578	Trust: 0.6
db:	NSFOCUS	id:	36819	Trust: 0.6
db:	VULHUB	id:	VHN-114874	Trust: 0.1

sources: CNVD: CNVD-2017-11578 // VULHUB: VHN-114874 // BID: 98969 // JVNDB: JVNDB-2017-004810 // CNNVD: CNNVD-201706-373 // NVD: CVE-2017-6671

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170607-esa1	Trust: 2.6
url:	http://www.securityfocus.com/bid/98969	Trust: 1.7
url:	http://www.securitytracker.com/id/1038635	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6671	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6671	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/36819	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2017-11578 // VULHUB: VHN-114874 // BID: 98969 // JVNDB: JVNDB-2017-004810 // CNNVD: CNNVD-201706-373 // NVD: CVE-2017-6671

CREDITS

Cisco

Trust: 0.9

sources: BID: 98969 // CNNVD: CNNVD-201706-373

SOURCES

db:	CNVD	id:	CNVD-2017-11578
db:	VULHUB	id:	VHN-114874
db:	BID	id:	98969
db:	JVNDB	id:	JVNDB-2017-004810
db:	CNNVD	id:	CNNVD-201706-373
db:	NVD	id:	CVE-2017-6671

LAST UPDATE DATE

2024-11-23T22:34:37.137000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-11578	date:	2017-06-27T00:00:00
db:	VULHUB	id:	VHN-114874	date:	2017-11-27T00:00:00
db:	BID	id:	98969	date:	2017-06-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-004810	date:	2017-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201706-373	date:	2017-07-14T00:00:00
db:	NVD	id:	CVE-2017-6671	date:	2024-11-21T03:30:16.420

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-11578	date:	2017-06-27T00:00:00
db:	VULHUB	id:	VHN-114874	date:	2017-06-13T00:00:00
db:	BID	id:	98969	date:	2017-06-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-004810	date:	2017-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201706-373	date:	2017-06-07T00:00:00
db:	NVD	id:	CVE-2017-6671	date:	2017-06-13T06:29:01.097