Details of VAR-202106-0633

ID

VAR-202106-0633

CVE

CVE-2021-1566

TITLE

Cisco Email Security Appliance and Cisco Web Security Appliance for Cisco AsyncOS Vulnerability in Certificate Verification

Trust: 0.8

sources: JVNDB: JVNDB-2021-008227

DESCRIPTION

A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The product mainly has functions such as advanced threat prevention, monitoring and response

Trust: 2.25

sources: NVD: CVE-2021-1566 // JVNDB: JVNDB-2021-008227 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-374620

AFFECTED PRODUCTS

vendor:	cisco	model:	asyncos	scope:	gte	version:	13.0	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.5.3-035	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	12.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	13.0.0-030	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	13.5	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	11.8.3-021	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.5.1-043	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	13.5.3-010	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	12.5.0	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.0.3-005	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco e メールセキュリティアプライアンス	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco web セキュリティアプライアンス	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco asyncos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-008227 // NVD: CVE-2021-1566

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1566
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1566
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-1566
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202106-1319
value:	HIGH
Trust: 0.6
VULHUB:	VHN-374620
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-1566
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-374620
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1566
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	5.2
version:	3.1
Trust: 2.0
NVD:	CVE-2021-1566
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-374620 // JVNDB: JVNDB-2021-008227 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-1319 // NVD: CVE-2021-1566 // NVD: CVE-2021-1566

PROBLEMTYPE DATA

problemtype:	CWE-295	Trust: 1.1
problemtype:	CWE-296	Trust: 1.0
problemtype:	Bad certificate verification (CWE-295) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-374620 // JVNDB: JVNDB-2021-008227 // NVD: CVE-2021-1566

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-1319

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	cisco-sa-esa-wsa-cert-vali-n8L97RW	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW	Trust: 0.8
title:	Cisco Advanced Malware Protection Repair measures for trust management problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155298	Trust: 0.6

sources: JVNDB: JVNDB-2021-008227 // CNNVD: CNNVD-202106-1319

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1566	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-008227	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021061621	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2151	Trust: 0.6
db:	CNNVD	id:	CNNVD-202106-1319	Trust: 0.6
db:	VULHUB	id:	VHN-374620	Trust: 0.1

sources: VULHUB: VHN-374620 // JVNDB: JVNDB-2021-008227 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-1319 // NVD: CVE-2021-1566

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-wsa-cert-vali-n8l97rw	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1566	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021061621	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-esa-wsa-man-in-the-middle-via-amp-35708	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2151	Trust: 0.6

sources: VULHUB: VHN-374620 // JVNDB: JVNDB-2021-008227 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202106-1319 // NVD: CVE-2021-1566

SOURCES

db:	VULHUB	id:	VHN-374620
db:	JVNDB	id:	JVNDB-2021-008227
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202106-1319
db:	NVD	id:	CVE-2021-1566

LAST UPDATE DATE

2024-08-14T12:26:41.682000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-374620	date:	2021-06-23T00:00:00
db:	JVNDB	id:	JVNDB-2021-008227	date:	2022-03-08T08:02:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202106-1319	date:	2021-06-28T00:00:00
db:	NVD	id:	CVE-2021-1566	date:	2023-11-07T03:28:38.887

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-374620	date:	2021-06-16T00:00:00
db:	JVNDB	id:	JVNDB-2021-008227	date:	2022-03-08T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202106-1319	date:	2021-06-16T00:00:00
db:	NVD	id:	CVE-2021-1566	date:	2021-06-16T18:15:08.710