Details of VAR-201911-1319

ID

VAR-201911-1319

CVE

CVE-2019-15971

TITLE

Cisco Email Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-012825

DESCRIPTION

A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending a crafted MP3 file through the targeted device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. AsyncOS Software is a set of operating systems running on it

Trust: 1.71

sources: NVD: CVE-2019-15971 // JVNDB: JVNDB-2019-012825 // VULHUB: VHN-148071

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	lt	version:	13.0	Trust: 1.0
vendor:	cisco	model:	e email security appliance	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-012825 // NVD: CVE-2019-15971

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-15971
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-15971
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-15971
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201911-1212
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-148071
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-15971
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-148071
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-15971
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-15971
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-15971
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-148071 // JVNDB: JVNDB-2019-012825 // CNNVD: CNNVD-201911-1212 // NVD: CVE-2019-15971 // NVD: CVE-2019-15971

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-345	Trust: 1.1

sources: VULHUB: VHN-148071 // JVNDB: JVNDB-2019-012825 // NVD: CVE-2019-15971

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-1212

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201911-1212

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012825

PATCH

title:	cisco-sa-20191120-esa-mp3-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-esa-mp3-bypass	Trust: 0.8
title:	Cisco Email Security Appliance AsyncOS Software Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103150	Trust: 0.6

sources: JVNDB: JVNDB-2019-012825 // CNNVD: CNNVD-201911-1212

EXTERNAL IDS

db:	NVD	id:	CVE-2019-15971	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-012825	Trust: 0.8
db:	CNNVD	id:	CNNVD-201911-1212	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.4393	Trust: 0.6
db:	VULHUB	id:	VHN-148071	Trust: 0.1

sources: VULHUB: VHN-148071 // JVNDB: JVNDB-2019-012825 // CNNVD: CNNVD-201911-1212 // NVD: CVE-2019-15971

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191120-esa-mp3-bypass	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15971	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15971	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191120-esa-url-bypass	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4393/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-email-security-appliance-privilege-escalation-via-mp3-content-filter-bypass-30926	Trust: 0.6

sources: VULHUB: VHN-148071 // JVNDB: JVNDB-2019-012825 // CNNVD: CNNVD-201911-1212 // NVD: CVE-2019-15971

SOURCES

db:	VULHUB	id:	VHN-148071
db:	JVNDB	id:	JVNDB-2019-012825
db:	CNNVD	id:	CNNVD-201911-1212
db:	NVD	id:	CVE-2019-15971

LAST UPDATE DATE

2024-11-23T22:16:46.408000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-148071	date:	2020-10-16T00:00:00
db:	JVNDB	id:	JVNDB-2019-012825	date:	2019-12-13T00:00:00
db:	CNNVD	id:	CNNVD-201911-1212	date:	2020-10-21T00:00:00
db:	NVD	id:	CVE-2019-15971	date:	2024-11-21T04:29:50.683

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-148071	date:	2019-11-26T00:00:00
db:	JVNDB	id:	JVNDB-2019-012825	date:	2019-12-13T00:00:00
db:	CNNVD	id:	CNNVD-201911-1212	date:	2019-11-20T00:00:00
db:	NVD	id:	CVE-2019-15971	date:	2019-11-26T04:15:11.653