Details of VAR-201907-0866

ID

VAR-201907-0866

CVE

CVE-2019-1921

TITLE

Cisco Email Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-006250

DESCRIPTION

A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email body. An attacker could exploit this vulnerability by naming a malicious attachment with a specific pattern. A successful exploit could allow the attacker to bypass configured content filters that would normally block the attachment. AsyncOSSoftware is a set of operating systems running on it. An import validation error vulnerability exists in the scan of attachments in Cisco ESA due to the program failing to perform correct input validation on the body of the message. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvp88949

Trust: 2.52

sources: NVD: CVE-2019-1921 // JVNDB: JVNDB-2019-006250 // CNVD: CNVD-2019-21304 // BID: 109044 // VULHUB: VHN-151633

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-21304

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	12.0.0-419	Trust: 1.3
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	asyncos software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2019-21304 // BID: 109044 // JVNDB: JVNDB-2019-006250 // NVD: CVE-2019-1921

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1921
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1921
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1921
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-21304
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201907-221
value:	HIGH
Trust: 0.6
VULHUB:	VHN-151633
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1921
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-21304
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-151633
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1921
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1921
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0

sources: CNVD: CNVD-2019-21304 // VULHUB: VHN-151633 // JVNDB: JVNDB-2019-006250 // CNNVD: CNNVD-201907-221 // NVD: CVE-2019-1921 // NVD: CVE-2019-1921

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-151633 // JVNDB: JVNDB-2019-006250 // NVD: CVE-2019-1921

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-221

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 109044 // CNNVD: CNNVD-201907-221

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-006250

PATCH

title:	cisco-sa-20190703-esa-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-esa-bypass	Trust: 0.8
title:	CiscoEmailSecurityAppliance enters a patch to verify the error vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/167113	Trust: 0.6
title:	Cisco Email Security Appliance Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94411	Trust: 0.6

sources: CNVD: CNVD-2019-21304 // JVNDB: JVNDB-2019-006250 // CNNVD: CNNVD-201907-221

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1921	Trust: 3.4
db:	BID	id:	109044	Trust: 1.0
db:	JVNDB	id:	JVNDB-2019-006250	Trust: 0.8
db:	CNNVD	id:	CNNVD-201907-221	Trust: 0.7
db:	CNVD	id:	CNVD-2019-21304	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.2442	Trust: 0.6
db:	VULHUB	id:	VHN-151633	Trust: 0.1

sources: CNVD: CNVD-2019-21304 // VULHUB: VHN-151633 // BID: 109044 // JVNDB: JVNDB-2019-006250 // CNNVD: CNNVD-201907-221 // NVD: CVE-2019-1921

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-esa-bypass	Trust: 2.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1921	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1921	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190703-esa-filterpass	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.2442/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-email-security-appliance-privilege-escalation-via-content-filter-bypass-29687	Trust: 0.6
url:	https://www.securityfocus.com/bid/109044	Trust: 0.6

sources: CNVD: CNVD-2019-21304 // VULHUB: VHN-151633 // BID: 109044 // JVNDB: JVNDB-2019-006250 // CNNVD: CNNVD-201907-221 // NVD: CVE-2019-1921

CREDITS

Cisco

Trust: 0.9

sources: BID: 109044 // CNNVD: CNNVD-201907-221

SOURCES

db:	CNVD	id:	CNVD-2019-21304
db:	VULHUB	id:	VHN-151633
db:	BID	id:	109044
db:	JVNDB	id:	JVNDB-2019-006250
db:	CNNVD	id:	CNNVD-201907-221
db:	NVD	id:	CVE-2019-1921

LAST UPDATE DATE

2024-11-23T21:52:08.211000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-21304	date:	2019-07-05T00:00:00
db:	VULHUB	id:	VHN-151633	date:	2019-10-09T00:00:00
db:	BID	id:	109044	date:	2019-07-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-006250	date:	2019-07-17T00:00:00
db:	CNNVD	id:	CNNVD-201907-221	date:	2019-07-16T00:00:00
db:	NVD	id:	CVE-2019-1921	date:	2024-11-21T04:37:41.443

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-21304	date:	2019-07-05T00:00:00
db:	VULHUB	id:	VHN-151633	date:	2019-07-06T00:00:00
db:	BID	id:	109044	date:	2019-07-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-006250	date:	2019-07-17T00:00:00
db:	CNNVD	id:	CNNVD-201907-221	date:	2019-07-03T00:00:00
db:	NVD	id:	CVE-2019-1921	date:	2019-07-06T02:15:11.713