Cisco Email Security Appliance Format String Vulnerability

The Cisco Email Security Appliance (ESA) contains a vulnerability that could allow an unauthenticated, remote attacker to impact the integrity and availability of services and data on the affected device. The impact includes a partial denial of service (DoS). In addition, the attacker could override part of the memory of the affected device.

The vulnerability is due to improper validation of string input in the web application. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to impact the integrity and availability of services and data of the device, including a partial DoS condition.

Cisco has confirmed the vulnerability; however, software updates are not available.

To exploit the vulnerability, the attacker would need to send crafted HTTP requests to the targeted system through the web application. Because the attacker does not need to authenticate to send the crafted request, the likelihood of a DoS condition or partial memory override is increased.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.