Denial of service in Cisco Email Security Appliance

Published: 2019-01-10 16:18:32
Severity: Medium
Patch available: YES
Number of vulnerabilities: 2
CVE ID: CVE-2018-15453, CVE-2018-15460
CVSSv3: 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]; 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CWE ID: CWE-119, CWE-20
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Cisco Email Security Appliance
Vulnerable software versions: Cisco Email Security Appliance 11-0-1-401, Cisco Email Security Appliance 11.1.0-131, Cisco Email Security Appliance 12.0.0

Vendor: Cisco Systems, Inc

Security Advisory

1) Memory corruption

Description

The vulnerability allows a remote attacker to cause a DoS condition.

The vulnerability exists in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features, due to improper input validation of S/MIME-signed emails. A remote attacker can send a malicious S/MIME-signed email through a targeted device and, if Decryption and Verification or Public Key Harvesting is configured, trigger memory corruption that causes the filtering process to crash and restart.

Remediation

The vulnerability has been addressed in versions 12.0.0-281, 11.1.1-042, 11.1.1-037 and 11.0.2-044.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos

2) Input validation error

Description

The vulnerability allows a remote attacker to cause a DoS condition.

The vulnerability exists in the email message filtering feature due to improper filtering of email messages that contain references to whitelisted URLs. A remote attacker can send a malicious email message containing a large number of whitelisted URLs, driving CPU utilization to 100 percent and forcing the affected device to stop scanning and forwarding email messages.

Remediation

The vulnerability has been addressed in versions 12.0.0-281, 11.1.2-023 and 11.0.2-044.
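The two remediation lists above give a different fixed build per release train for each CVE, so a patch-status check has to compare an installed build against the fix on its own train. The following is an added example for that check, not code from this page or from Cisco; it assumes that AsyncOS version components compare numerically, that "." and "-" are both separators (the page writes one affected build as 11-0-1-401), and that a train with no listed fixed build is treated as not confirmed fixed.

```python
import re

# Fixed builds quoted in the two Remediation sections of this page, keyed by CVE.
# Each CVE has one fix per release train (major.minor), hence several entries.
FIXED_RELEASES = {
    "CVE-2018-15453": ["12.0.0-281", "11.1.1-042", "11.1.1-037", "11.0.2-044"],
    "CVE-2018-15460": ["12.0.0-281", "11.1.2-023", "11.0.2-044"],
}


def parse_version(text):
    """Turn '11.1.1-042' or '11-0-1-401' into a tuple of ints.

    Assumption: components compare numerically and '.' / '-' are both
    separators. Leading zeros ('042') are therefore insignificant.
    """
    parts = re.split(r"[.\-]", text.strip())
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def is_fixed(installed, cve):
    """True if `installed` is at or above the lowest fixed build on its
    release train (major.minor) for `cve`.

    Returns False when the build is older than the fix, and also when the
    page lists no fixed build for that train (assumption: unconfirmed is
    treated as not fixed rather than as safe).
    """
    inst = parse_version(installed)
    train = inst[:2]
    same_train = [v for v in (parse_version(f) for f in FIXED_RELEASES[cve])
                  if v[:2] == train]
    if not same_train:
        return False
    # Where a train has several fixed builds (11.1.1-037 and 11.1.1-042),
    # the lowest one is the threshold.
    return inst >= min(same_train)


def assess(installed):
    """Patch status of one installed build for every CVE on this page."""
    return {cve: is_fixed(installed, cve) for cve in FIXED_RELEASES}
```

Note that 11.1.1-042 fixes CVE-2018-15453 but not CVE-2018-15460, whose 11.1 fix is 11.1.2-023; the check reports exactly that split.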

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos
