#VU9385 HTTP response splitting in Cisco Email Security Appliance - CVE-2017-12309

Vulnerability identifier: #VU9385

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-12309

CWE-ID: CWE-113

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco Email Security Appliance

Software vendor:
Cisco Systems, Inc

The vulnerability allows a remote user to perform HTTP response splitting attack.

The weakness exists in the Cisco Email Security Appliance (ESA) due to the failure of the application or its environment to properly sanitize input values. A remote attacker can inject a specially crafted HTTP headers controlling the response body, or splitting the response into multiple responses.

Successful vulnerability may result in cross-site scripting attacks, cross-user defacement, web cache poisoning, and similar exploits.

Install update from vendor's website.

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-esa