Sign-up

ID

VAR-201902-0456


CVE

CVE-2019-1672


TITLE

Cisco Web Security Appliance Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2019-001892

DESCRIPTION

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected. Cisco Web Security Appliance (WSA) Contains a resource exhaustion vulnerability.Information may be tampered with. CiscoWebSecurityAppliance is a WEB secure access device. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCvm91630. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation. The vulnerability stems from the fact that the program does not properly handle traffic encrypted by SSL

Trust: 2.52

sources: NVD: CVE-2019-1672 // JVNDB: JVNDB-2019-001892 // CNVD: CNVD-2019-04921 // BID: 106904 // VULHUB: VHN-148894

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-04921

AFFECTED PRODUCTS

vendor:ciscomodel:web security appliancescope:eqversion:10.5.2-072

Trust: 1.3

vendor:ciscomodel:web security appliancescope:eqversion:10.1.0-204

Trust: 1.3

vendor:ciscomodel:web security appliancescope:eqversion:11.5.1-fcs-115

Trust: 1.0

vendor:ciscomodel:web security the appliance softwarescope:eqversion:10.1.x

Trust: 0.8

vendor:ciscomodel:web security the appliance softwarescope:eqversion:10.5.x

Trust: 0.8

vendor:ciscomodel:web security appliancescope:eqversion:10.1.x

Trust: 0.6

vendor:ciscomodel:web security appliancescope:eqversion:10.5.x

Trust: 0.6

vendor:ciscomodel:web security appliance 11.5.1-fcs-115scope: - version: -

Trust: 0.3

sources: CNVD: CNVD-2019-04921 // BID: 106904 // JVNDB: JVNDB-2019-001892 // NVD: CVE-2019-1672

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1672
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1672
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1672
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-04921
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201902-309
value: MEDIUM

Trust: 0.6

VULHUB: VHN-148894
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1672
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-04921
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-148894
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1672
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 2.8

sources: CNVD: CNVD-2019-04921 // VULHUB: VHN-148894 // JVNDB: JVNDB-2019-001892 // CNNVD: CNNVD-201902-309 // NVD: CVE-2019-1672 // NVD: CVE-2019-1672

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-148894 // JVNDB: JVNDB-2019-001892 // NVD: CVE-2019-1672

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-309

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201902-309

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-001892

PATCH
title:cisco-sa-20190206-wsa-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass
Trust: 0.8
title:CiscoWebSecurityAppliance Security Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/154117
Trust: 0.6
title:Cisco Web Security Appliance Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89116
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-04921 // 
            
            
            
            JVNDB: JVNDB-2019-001892 // 
            
            
            
            CNNVD: CNNVD-201902-309

EXTERNAL IDS
db:NVDid:CVE-2019-1672
Trust: 3.4
db:BIDid:106904
Trust: 2.6
db:JVNDBid:JVNDB-2019-001892
Trust: 0.8
db:CNNVDid:CNNVD-201902-309
Trust: 0.7
db:CNVDid:CNVD-2019-04921
Trust: 0.6
db:VULHUBid:VHN-148894
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-04921 // 
            
            
            
            VULHUB: VHN-148894 // 
            
            
            
            BID: 106904 // 
            
            
            
            JVNDB: JVNDB-2019-001892 // 
            
            
            
            CNNVD: CNNVD-201902-309 // 
            
            
            
            NVD: CVE-2019-1672

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190206-wsa-bypass
Trust: 2.6
url:http://www.securityfocus.com/bid/106904
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2019-1672
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1672
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2019-04921 // 
            
            
            
            VULHUB: VHN-148894 // 
            
            
            
            BID: 106904 // 
            
            
            
            JVNDB: JVNDB-2019-001892 // 
            
            
            
            CNNVD: CNNVD-201902-309 // 
            
            
            
            NVD: CVE-2019-1672

CREDITS
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.,Cisco
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-309

SOURCES
db:CNVDid:CNVD-2019-04921
db:VULHUBid:VHN-148894
db:BIDid:106904
db:JVNDBid:JVNDB-2019-001892
db:CNNVDid:CNNVD-201902-309
db:NVDid:CVE-2019-1672

LAST UPDATE DATE
2024-11-23T22:41:36.507000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-04921date:2019-02-22T00:00:00
db:VULHUBid:VHN-148894date:2019-10-09T00:00:00
db:BIDid:106904date:2019-02-06T00:00:00
db:JVNDBid:JVNDB-2019-001892date:2019-03-28T00:00:00
db:CNNVDid:CNNVD-201902-309date:2019-10-17T00:00:00
db:NVDid:CVE-2019-1672date:2024-11-21T04:37:03.967

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-04921date:2019-02-22T00:00:00
db:VULHUBid:VHN-148894date:2019-02-08T00:00:00
db:BIDid:106904date:2019-02-06T00:00:00
db:JVNDBid:JVNDB-2019-001892date:2019-03-28T00:00:00
db:CNNVDid:CNNVD-201902-309date:2019-02-06T00:00:00
db:NVDid:CVE-2019-1672date:2019-02-08T18:29:00.283