Details of VAR-201904-0437

ID

VAR-201904-0437

CVE

CVE-2019-1831

TITLE

Cisco Email Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003518

DESCRIPTION

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email body. An attacker could exploit this vulnerability by inserting specific character strings in the message. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug IDs CSCvo01349 and CSCvo78686

Trust: 1.98

sources: NVD: CVE-2019-1831 // JVNDB: JVNDB-2019-003518 // BID: 108021 // VULHUB: VHN-150643

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	11.1.2-023	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	12.0.0-208	Trust: 1.0
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	eq	version:	0	Trust: 0.3

sources: BID: 108021 // JVNDB: JVNDB-2019-003518 // NVD: CVE-2019-1831

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1831
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1831
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1831
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201904-829
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-150643
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1831
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-150643
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1831
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1831
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-150643 // JVNDB: JVNDB-2019-003518 // CNNVD: CNNVD-201904-829 // NVD: CVE-2019-1831 // NVD: CVE-2019-1831

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-150643 // JVNDB: JVNDB-2019-003518 // NVD: CVE-2019-1831

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-829

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 108021 // CNNVD: CNNVD-201904-829

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003518

PATCH

title:	cisco-sa-20190417-esa-filter-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-esa-filter-bypass	Trust: 0.8
title:	Cisco Email Security Appliance AsyncOS Software Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91664	Trust: 0.6

sources: JVNDB: JVNDB-2019-003518 // CNNVD: CNNVD-201904-829

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1831	Trust: 2.8
db:	BID	id:	108021	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-003518	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.1337	Trust: 0.6
db:	CNNVD	id:	CNNVD-201904-829	Trust: 0.6
db:	VULHUB	id:	VHN-150643	Trust: 0.1

sources: VULHUB: VHN-150643 // BID: 108021 // JVNDB: JVNDB-2019-003518 // CNNVD: CNNVD-201904-829 // NVD: CVE-2019-1831

REFERENCES

url:	http://www.securityfocus.com/bid/108021	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190417-esa-filter-bypass	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1831	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1831	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-email-security-appliance-privilege-escalation-via-content-filter-bypass-29082	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/79326	Trust: 0.6

sources: VULHUB: VHN-150643 // BID: 108021 // JVNDB: JVNDB-2019-003518 // CNNVD: CNNVD-201904-829 // NVD: CVE-2019-1831

CREDITS

Cisco

Trust: 0.9

sources: BID: 108021 // CNNVD: CNNVD-201904-829

SOURCES

db:	VULHUB	id:	VHN-150643
db:	BID	id:	108021
db:	JVNDB	id:	JVNDB-2019-003518
db:	CNNVD	id:	CNNVD-201904-829
db:	NVD	id:	CVE-2019-1831

LAST UPDATE DATE

2024-11-23T22:51:50.599000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-150643	date:	2019-10-09T00:00:00
db:	BID	id:	108021	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003518	date:	2019-05-20T00:00:00
db:	CNNVD	id:	CNNVD-201904-829	date:	2019-04-23T00:00:00
db:	NVD	id:	CVE-2019-1831	date:	2024-11-21T04:37:29.390

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-150643	date:	2019-04-18T00:00:00
db:	BID	id:	108021	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2019-003518	date:	2019-05-20T00:00:00
db:	CNNVD	id:	CNNVD-201904-829	date:	2019-04-17T00:00:00
db:	NVD	id:	CVE-2019-1831	date:	2019-04-18T02:29:05.747