Lucene search

CiscoCVELIST:CVE-2019-1905

HistoryJun 20, 2019 - 3:10 a.m.

CVE-2019-1905 Cisco Email Security Appliance GZIP Content Filter Bypass Vulnerability

2019-06-2003:10:20

CWE-20

cisco

www.cve.org

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-formatted files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted GZIP-compressed file. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email.

CNA Affected

[
  {
    "product": "Cisco Email Security Appliance (ESA)",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "12.0"
      }
    ]
  }
]

References

www.securityfocus.com/bid/108856

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-esa-bypass

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

Related for CVELIST:CVE-2019-1905