SB2017060902 - Two vulnerabilities in Cisco Email Security Appliance
Published: June 9, 2017
Security Bulletin ID
SB2017060902
Severity
Low
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Security bypass (CVE-ID: CVE-2017-6671)
The vulnerability allows remote unauthenticated attacker to bypass configured filters on the device.The weakness exists in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) due to improper input validation of an email with an attachment and modified Multipurpose Internet Mail Extensions (MIME) header. A remote attacker can send a malformed email message with an attachment to bypass configured message filters.
2) Cross-site scripting (CVE-ID: CVE-2017-6661)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The weakness exists in the web-based management interface due to incorrect filtration of input data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim’s browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Install update from vendor's website.