SB2017112113 - HTTP response splitting in Cisco Email Security Appliance
Published: November 21, 2017
Security Bulletin ID
SB2017112113
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) HTTP response splitting (CVE-ID: CVE-2017-12309)
CWE-ID: CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote user to perform HTTP response splitting attack.
The weakness exists in the Cisco Email Security Appliance (ESA) due to the failure of the application or its environment to properly sanitize input values. A remote attacker can inject a specially crafted HTTP headers controlling the response body, or splitting the response into multiple responses.
Successful vulnerability may result in cross-site scripting attacks, cross-user defacement, web cache poisoning, and similar exploits.
Remediation
Install update from vendor's website.