cnvd - cnvd-2018-05311

cnvd-2018-05311

Vulnerability from cnvd

Title: Cisco Email Security Appliance和Cisco Content Security Management Appliance信息泄露漏洞

Description:

Cisco Email Security Appliance（ESA）和Cisco Content Security Management Appliance（SMA）都是美国思科（Cisco）公司的产品。Cisco ESA是一套电子邮件安全设备，该设备提供垃圾邮件保护、邮件加密、数据丢失防护等功能。Cisco Content SMA是一套内容安全管理设备，该设备主要用于管理电子邮件和Web安全设备的所有策略、报告、审计信息等。spam quarantine是其中的一个垃圾邮件隔离组件。

Cisco ESA和Cisco Content SMA中的spam quarantine存在安全漏洞，该漏洞源于缺少对已认证用户账户的验证。远程攻击者可通过更改浏览器字符串利用该漏洞从spam quarantine中下载任意消息。

Severity: 中

Patch Name: Cisco Email Security Appliance和Cisco Content Security Management Appliance信息泄露漏洞的补丁

Patch Description:

Cisco ESA和Cisco Content SMA中的spam quarantine存在安全漏洞，该漏洞源于缺少对已认证用户账户的验证。远程攻击者可通过更改浏览器字符串利用该漏洞从spam quarantine中下载任意消息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm https://www.securityfocus.com/bid/103090

Impacted products

Name
['Cisco Email Security Appliance 10.0.1-087', 'Cisco Content Security Management Appliance (SMA) 10.1.0-037', 'Cisco Email Security Appliance 9.8.0-112', 'Cisco Email Security Appliance 11.0.0-274', 'Cisco Content Security Management Appliance 10.0.0-096']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "103090"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0140"
    }
  },
  "description": "Cisco Email Security Appliance\uff08ESA\uff09\u548cCisco Content Security Management Appliance\uff08SMA\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco ESA\u662f\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u8bbe\u5907\uff0c\u8be5\u8bbe\u5907\u63d0\u4f9b\u5783\u573e\u90ae\u4ef6\u4fdd\u62a4\u3001\u90ae\u4ef6\u52a0\u5bc6\u3001\u6570\u636e\u4e22\u5931\u9632\u62a4\u7b49\u529f\u80fd\u3002Cisco Content SMA\u662f\u4e00\u5957\u5185\u5bb9\u5b89\u5168\u7ba1\u7406\u8bbe\u5907\uff0c\u8be5\u8bbe\u5907\u4e3b\u8981\u7528\u4e8e\u7ba1\u7406\u7535\u5b50\u90ae\u4ef6\u548cWeb\u5b89\u5168\u8bbe\u5907\u7684\u6240\u6709\u7b56\u7565\u3001\u62a5\u544a\u3001\u5ba1\u8ba1\u4fe1\u606f\u7b49\u3002spam quarantine\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5783\u573e\u90ae\u4ef6\u9694\u79bb\u7ec4\u4ef6\u3002\r\n\r\nCisco ESA\u548cCisco Content SMA\u4e2d\u7684spam quarantine\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f3a\u5c11\u5bf9\u5df2\u8ba4\u8bc1\u7528\u6237\u8d26\u6237\u7684\u9a8c\u8bc1\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u66f4\u6539\u6d4f\u89c8\u5668\u5b57\u7b26\u4e32\u5229\u7528\u8be5\u6f0f\u6d1e\u4ecespam quarantine\u4e2d\u4e0b\u8f7d\u4efb\u610f\u6d88\u606f\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-05311",
  "openTime": "2018-03-15",
  "patchDescription": "Cisco Email Security Appliance\uff08ESA\uff09\u548cCisco Content Security Management Appliance\uff08SMA\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco ESA\u662f\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u8bbe\u5907\uff0c\u8be5\u8bbe\u5907\u63d0\u4f9b\u5783\u573e\u90ae\u4ef6\u4fdd\u62a4\u3001\u90ae\u4ef6\u52a0\u5bc6\u3001\u6570\u636e\u4e22\u5931\u9632\u62a4\u7b49\u529f\u80fd\u3002Cisco Content SMA\u662f\u4e00\u5957\u5185\u5bb9\u5b89\u5168\u7ba1\u7406\u8bbe\u5907\uff0c\u8be5\u8bbe\u5907\u4e3b\u8981\u7528\u4e8e\u7ba1\u7406\u7535\u5b50\u90ae\u4ef6\u548cWeb\u5b89\u5168\u8bbe\u5907\u7684\u6240\u6709\u7b56\u7565\u3001\u62a5\u544a\u3001\u5ba1\u8ba1\u4fe1\u606f\u7b49\u3002spam quarantine\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5783\u573e\u90ae\u4ef6\u9694\u79bb\u7ec4\u4ef6\u3002\r\n\r\nCisco ESA\u548cCisco Content SMA\u4e2d\u7684spam quarantine\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f3a\u5c11\u5bf9\u5df2\u8ba4\u8bc1\u7528\u6237\u8d26\u6237\u7684\u9a8c\u8bc1\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u66f4\u6539\u6d4f\u89c8\u5668\u5b57\u7b26\u4e32\u5229\u7528\u8be5\u6f0f\u6d1e\u4ecespam quarantine\u4e2d\u4e0b\u8f7d\u4efb\u610f\u6d88\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Email Security Appliance\u548cCisco Content Security Management Appliance\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Email Security Appliance 10.0.1-087",
      "Cisco Content Security Management Appliance (SMA) 10.1.0-037",
      "Cisco Email Security Appliance 9.8.0-112",
      "Cisco Email Security Appliance 11.0.0-274",
      "Cisco Content Security Management Appliance 10.0.0-096"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm\r\nhttps://www.securityfocus.com/bid/103090",
  "serverity": "\u4e2d",
  "submitTime": "2018-02-27",
  "title": "Cisco Email Security Appliance\u548cCisco Content Security Management Appliance\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2018-0140 (GCVE-0-2018-0140)

Vulnerability from cvelistv5

Published

2018-02-08 07:00

Modified

2024-12-02 21:08

Severity ?

CWE

CWE-200

Summary

A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1040339	vdb-entry, x_refsource_SECTRACK
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/103090	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1040338	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	Cisco Email Security Appliance and Cisco Content Security Management Appliance	Version: Cisco Email Security Appliance and Cisco Content Security Management Appliance

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.872Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1040339",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm"
          },
          {
            "name": "103090",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103090"
          },
          {
            "name": "1040338",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040338"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0140",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T18:55:19.184419Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T21:08:30.247Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Email Security Appliance and Cisco Content Security Management Appliance",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Email Security Appliance and Cisco Content Security Management Appliance"
            }
          ]
        }
      ],
      "datePublic": "2018-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-22T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1040339",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm"
        },
        {
          "name": "103090",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103090"
        },
        {
          "name": "1040338",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040338"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Email Security Appliance and Cisco Content Security Management Appliance",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Email Security Appliance and Cisco Content Security Management Appliance"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1040339",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040339"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm"
            },
            {
              "name": "103090",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103090"
            },
            {
              "name": "1040338",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040338"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0140",
    "datePublished": "2018-02-08T07:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-12-02T21:08:30.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted