Sign-up

ID

VAR-201905-0591


CVE

CVE-2019-1844


TITLE

Cisco Email Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003868

DESCRIPTION

A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device. The vulnerability is due to improper detection of certain content sent to an affected device. An attacker could exploit this vulnerability by sending certain file types without Content-Disposition information to an affected device. A successful exploit could allow an attacker to send messages that contain malicious content to users. Cisco Email Security Appliance (ESA) Contains an input validation vulnerability.Information may be tampered with. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvm36810. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 2.07

sources: NVD: CVE-2019-1844 // JVNDB: JVNDB-2019-003868 // BID: 108149 // VULHUB: VHN-150786 // VULMON: CVE-2019-1844

AFFECTED PRODUCTS

vendor:ciscomodel:email security appliancescope:eqversion:11.1.0-131

Trust: 1.0

vendor:ciscomodel:e email security the appliancescope: - version: -

Trust: 0.8

vendor:ciscomodel:email security appliancescope:eqversion:0

Trust: 0.3

sources: BID: 108149 // JVNDB: JVNDB-2019-003868 // NVD: CVE-2019-1844

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1844
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1844
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1844
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-056
value: MEDIUM

Trust: 0.6

VULHUB: VHN-150786
value: MEDIUM

Trust: 0.1

VULMON: CVE-2019-1844
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1844
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-150786
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1844
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-150786 // VULMON: CVE-2019-1844 // JVNDB: JVNDB-2019-003868 // CNNVD: CNNVD-201905-056 // NVD: CVE-2019-1844 // NVD: CVE-2019-1844

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-150786 // JVNDB: JVNDB-2019-003868 // NVD: CVE-2019-1844

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-056

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 108149 // CNNVD: CNNVD-201905-056

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003868

PATCH
title:cisco-sa-20190501-esa-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-esa-bypass
Trust: 0.8
title:Cisco Email Security Appliance Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92199
Trust: 0.6
title:Cisco: Cisco Email Security Appliance Filter Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20190501-esa-bypass
Trust: 0.1
title:Threatposturl:https://threatpost.com/cisco_high-severity_bug/144410/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2019-1844 // 
            
            
            
            JVNDB: JVNDB-2019-003868 // 
            
            
            
            CNNVD: CNNVD-201905-056

EXTERNAL IDS
db:NVDid:CVE-2019-1844
Trust: 2.9
db:BIDid:108149
Trust: 2.1
db:JVNDBid:JVNDB-2019-003868
Trust: 0.8
db:CNNVDid:CNNVD-201905-056
Trust: 0.7
db:AUSCERTid:ESB-2019.1531.2
Trust: 0.6
db:VULHUBid:VHN-150786
Trust: 0.1
db:VULMONid:CVE-2019-1844
Trust: 0.1
sources:
            
            
            VULHUB: VHN-150786 // 
            
            
            
            VULMON: CVE-2019-1844 // 
            
            
            
            BID: 108149 // 
            
            
            
            JVNDB: JVNDB-2019-003868 // 
            
            
            
            CNNVD: CNNVD-201905-056 // 
            
            
            
            NVD: CVE-2019-1844

REFERENCES
url:http://www.securityfocus.com/bid/108149
Trust: 2.5
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-esa-bypass
Trust: 2.2
url:https://nvd.nist.gov/vuln/detail/cve-2019-1844
Trust: 1.4
url:http://www.cisco.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1844
Trust: 0.8
url:https://www.auscert.org.au/bulletins/80162
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-email-security-appliance-privilege-escalation-via-filter-bypass-29187
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/cisco_high-severity_bug/144410/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-150786 // 
            
            
            
            VULMON: CVE-2019-1844 // 
            
            
            
            BID: 108149 // 
            
            
            
            JVNDB: JVNDB-2019-003868 // 
            
            
            
            CNNVD: CNNVD-201905-056 // 
            
            
            
            NVD: CVE-2019-1844

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 108149 // 
            
            
            
            CNNVD: CNNVD-201905-056

SOURCES
db:VULHUBid:VHN-150786
db:VULMONid:CVE-2019-1844
db:BIDid:108149
db:JVNDBid:JVNDB-2019-003868
db:CNNVDid:CNNVD-201905-056
db:NVDid:CVE-2019-1844

LAST UPDATE DATE
2024-11-23T23:01:50.462000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-150786date:2019-10-09T00:00:00
db:VULMONid:CVE-2019-1844date:2019-10-09T00:00:00
db:BIDid:108149date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-003868date:2019-05-23T00:00:00
db:CNNVDid:CNNVD-201905-056date:2019-05-08T00:00:00
db:NVDid:CVE-2019-1844date:2024-11-21T04:37:31.013

SOURCES RELEASE DATE
db:VULHUBid:VHN-150786date:2019-05-03T00:00:00
db:VULMONid:CVE-2019-1844date:2019-05-03T00:00:00
db:BIDid:108149date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-003868date:2019-05-23T00:00:00
db:CNNVDid:CNNVD-201905-056date:2019-05-01T00:00:00
db:NVDid:CVE-2019-1844date:2019-05-03T17:29:01.173