Cisco Email Security Appliance Denial of Service Vulnerability (CSCvo89192)

2020-02-25T00:00:00
ID CISCO-SA-20200219-ESA-SMA-DOS_CSCVO89192_FOR_ESA.NASL
Type nessus
Reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2020-02-25T00:00:00

Description

According to its self-reported version, Cisco Email Security Appliance (ESA) is affected by an input-validation flaw related to the email message filtering feature that allows denial of service attacks.

Please see the included Cisco BID and Cisco Security Advisory for more information

                                        
                                            #TRUSTED 5c23c96cdc78fac8f15b65f09d7c3f42b4816527e15092345ca32f584e4116af849eff96721129c7a99fb661ef8d31ba22c7a359eb496da4cc924b1631603bcfa1a3cbb76c4bcf747e122c8788cfe0b7543f21602f7092babc2b6add104e7e7b6341075bd5bc79660223c23d6e4c9f43111f99d238f07dd2396f745186034811870dcde5cdebe7669fd4d89176788e84e88111e63e2ea20625c601f7b50a2ae03610cabe6297191411d112c37d9e5e67e939bcd1afe0d365fbc8e050a1720764f6231a0634297392ec4cc279ceb0336f8ed4acac4aa56a8f6b6daa107cb1118fe8c2bb53c7719830f8b9839461bf06d64457c72c77f6f0cf73b33d74763142787404b3e0bda6086d6c0c83a06bc14c452cba5a9fa80ed54b2046808adcd67535c0b34e0a62f97817a7863a50415ece97d94547bd5eaa0720f8e9f3f24758a4bc5606ea45c86ca2bec5204a4c1fc80f2472da5f054639a8eedcc4fb932bad867c595a45957938751da302e0dc64fc17b9d3c934bafde6a1a391d590cb999e986b0669d4923f475b42c2148e846c27d2e572e1483d9b3ce50677232a8fa716246980c0316aae7b567f097127b244ebed202c8f034057b3dc8e6f86145d2adde986418cd326cbf2a1a9126d27b2967b78c1ef50584f0e83c5d18aa893411266c2d371e7ff9fe6796734cbecf604a46790862d6206f4e3c3f899376746741da9fe21
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(133961);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/27");

  script_cve_id("CVE-2019-1983");
  script_xref(name:"CISCO-BUG-ID", value:"CSCvo89192");
  script_xref(name:"CISCO-SA", value:"cisco-sa-20200219-esa-sma-dos");
  script_xref(name:"IAVA", value:"2020-A-0045");

  script_name(english:"Cisco Email Security Appliance Denial of Service Vulnerability (CSCvo89192)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco Email Security
Appliance (ESA) is affected by an input-validation flaw related to
the email message filtering feature that allows denial of service
attacks.

Please see the included Cisco BID and Cisco Security Advisory for more
information");
  # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-sma-dos
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b12c8fec");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvo89192");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvo89192");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1983");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/02/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:email_security_appliance_(esa)");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_esa_version.nasl");
  script_require_keys("Host/AsyncOS/Cisco Email Security Appliance/Version");

  exit(0);
}

include('audit.inc');
include('cisco_workarounds.inc');
include('ccf.inc');

product_info = cisco::get_product_info(name:'Cisco Email Security Appliance (ESA)');

vuln_ranges = [
  { 'min_ver' : '0', 'fix_ver' : '11.0.3.251' },
  { 'min_ver' : '12', 'fix_ver' : '12.5.0.059' }
];

reporting = make_array(
  'port'          , 0,
  'severity'      , SECURITY_WARNING,
  'version'       , product_info['version'],
  'bug_id'        , 'CSCvo89192',
  'disable_caveat', TRUE
);

cisco::check_and_report(product_info:product_info, reporting:reporting, vuln_ranges:vuln_ranges);