Details of VAR-201906-0691

ID

VAR-201906-0691

CVE

CVE-2019-1905

TITLE

Cisco Email Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-005716

DESCRIPTION

A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-formatted files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted GZIP-compressed file. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvo82840. AsyncOS Software is a set of operating systems running on it

Trust: 1.98

sources: NVD: CVE-2019-1905 // JVNDB: JVNDB-2019-005716 // BID: 108856 // VULHUB: VHN-151457

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	11.1.2	Trust: 1.3
vendor:	cisco	model:	email security appliance	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	eq	version:	12.0	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	eq	version:	0	Trust: 0.3

sources: BID: 108856 // JVNDB: JVNDB-2019-005716 // NVD: CVE-2019-1905

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1905
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1905
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1905
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201906-804
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-151457
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1905
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-151457
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1905
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 2.8

sources: VULHUB: VHN-151457 // JVNDB: JVNDB-2019-005716 // CNNVD: CNNVD-201906-804 // NVD: CVE-2019-1905 // NVD: CVE-2019-1905

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-151457 // JVNDB: JVNDB-2019-005716 // NVD: CVE-2019-1905

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-804

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201906-804

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005716

PATCH

title:

cisco-sa-20190619-esa-bypass

url:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-esa-bypass

Trust: 0.8

sources: JVNDB: JVNDB-2019-005716

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1905	Trust: 2.8
db:	BID	id:	108856	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-005716	Trust: 0.8
db:	CNNVD	id:	CNNVD-201906-804	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.0200	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.2203	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0766	Trust: 0.6
db:	VULHUB	id:	VHN-151457	Trust: 0.1

sources: VULHUB: VHN-151457 // BID: 108856 // JVNDB: JVNDB-2019-005716 // CNNVD: CNNVD-201906-804 // NVD: CVE-2019-1905

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190619-esa-bypass	Trust: 2.0
url:	http://www.securityfocus.com/bid/108856	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1905	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1905	Trust: 0.8
url:	https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0200/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-email-security-appliance-privilege-escalation-via-gzip-content-filter-bypass-29570	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0766/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2203/	Trust: 0.6

sources: VULHUB: VHN-151457 // BID: 108856 // JVNDB: JVNDB-2019-005716 // CNNVD: CNNVD-201906-804 // NVD: CVE-2019-1905

CREDITS

Cisco

Trust: 0.9

sources: BID: 108856 // CNNVD: CNNVD-201906-804

SOURCES

db:	VULHUB	id:	VHN-151457
db:	BID	id:	108856
db:	JVNDB	id:	JVNDB-2019-005716
db:	CNNVD	id:	CNNVD-201906-804
db:	NVD	id:	CVE-2019-1905

LAST UPDATE DATE

2024-11-23T20:34:08.304000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-151457	date:	2019-10-09T00:00:00
db:	BID	id:	108856	date:	2019-06-19T00:00:00
db:	JVNDB	id:	JVNDB-2019-005716	date:	2019-06-27T00:00:00
db:	CNNVD	id:	CNNVD-201906-804	date:	2020-03-04T00:00:00
db:	NVD	id:	CVE-2019-1905	date:	2024-11-21T04:37:39.443

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-151457	date:	2019-06-20T00:00:00
db:	BID	id:	108856	date:	2019-06-19T00:00:00
db:	JVNDB	id:	JVNDB-2019-005716	date:	2019-06-27T00:00:00
db:	CNNVD	id:	CNNVD-201906-804	date:	2019-06-19T00:00:00
db:	NVD	id:	CVE-2019-1905	date:	2019-06-20T03:15:12.603