Input validation error in Cisco AsyncOS for Cisco Email Security Appliance

#VU24669 Input validation error in Cisco AsyncOS for Cisco Email Security Appliance

Published: 2020-01-27

Vulnerability identifier: #VU24669

Vulnerability risk: Medium

CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3133

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco AsyncOS for Cisco Email Security Appliance
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to bypass configured filters on the target device.

The vulnerability exists due to improper validation of incoming emails. A remote attacker can send a specially crafted email message to a recipient protected by the ESA and bypass the configured content filters, which could allow malicious content to pass through the device.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco AsyncOS for Cisco Email Security Appliance: 7.6.3 - 12.5.1

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-bypass-5Cdv2HMA

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance