Main Vulnerability Database Vulnerabilities #VU9385

HTTP response splitting in Cisco Email Security Appliance - CVE-2017-12309

Published: November 16, 2017 / Updated: November 21, 2017

Vulnerability identifier: #VU9385

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-12309

CWE-ID: CWE-113

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco Email Security Appliance

Detailed vulnerability description

The vulnerability allows a remote user to perform HTTP response splitting attack.

The weakness exists in the Cisco Email Security Appliance (ESA) due to the failure of the application or its environment to properly sanitize input values. A remote attacker can inject a specially crafted HTTP headers controlling the response body, or splitting the response into multiple responses.

Successful vulnerability may result in cross-site scripting attacks, cross-user defacement, web cache poisoning, and similar exploits.

How to mitigate CVE-2017-12309

Install update from vendor's website.

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-esa

HTTP response splitting in Cisco Email Security Appliance - CVE-2017-12309

Detailed vulnerability description

How to mitigate CVE-2017-12309

Sources

Please verify you're human