SB2020090308 - Multiple vulnerabilities in Cisco Email Security Appliance, Content Security Management Appliance, and Web Security Appliance

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2020-3546)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to insufficient validation of requests that are sent to the web-based management interface. A remote attacker can send a specially crafted request and obtain the IP addresses that are configured on the internal interfaces of the affected device.

2) Information disclosure (CVE-ID: CVE-2020-3547)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an insecure method used to mask certain passwords on the web-based management interface. A remote authenticated attacker can look at the raw HTML code that is received from the interface and gain unauthorized access to sensitive information on the system.

3) Inefficient Algorithmic Complexity (CVE-ID: CVE-2020-3548)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to inefficient processing of incoming Transport Layer Security (TLS) traffic. A remote attacker can send specially crafted TLS packets, trigger a prolonged state of high CPU utilization and perform a denial of service (DoS) attack.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-info-disclosure-vMJMMgJ
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-wsa-esa-info-dis-vsvPzOHP
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-tls-dos-xW53TBhb