CVE-2015-0624 - Vulnerability Details - OpenCVE

The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00149.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Content Security Management Appliance Email Security Appliance Firmware Web Security Appliance

Configuration 1 [-]

OR	cpe:2.3:h:cisco:content_security_management_appliance:-:::::::*
	cpe:2.3:h:cisco:web_security_appliance:-:::::::*
	cpe:2.3:o:cisco:email_security_appliance_firmware:-:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2015-0637	The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624
http://www.securityfocus.com/bid/72702
http://www.securitytracker.com/id/1031781
http://www.securitytracker.com/id/1031782

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2015-02-21T11:00:00

Updated: 2024-08-06T04:17:32.374Z

Reserved: 2015-01-07T00:00:00

Link: CVE-2015-0624

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-02-21T11:59:02.920

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-0624

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-02-20T00:00:00", "descriptions": [{"lang": "en", "value": "The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-02-27T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html"}, {"name": "1031782", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031782"}, {"name": "72702", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/72702"}, {"name": "1031781", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031781"}, {"name": "20150220 Cisco AsyncOS Software HTTP Redirect Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-0624", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html"}, {"name": "1031782", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031782"}, {"name": "72702", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72702"}, {"name": "1031781", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031781"}, {"name": "20150220 Cisco AsyncOS Software HTTP Redirect Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:17:32.374Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html"}, {"name": "1031782", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1031782"}, {"name": "72702", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/72702"}, {"name": "1031781", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1031781"}, {"name": "20150220 Cisco AsyncOS Software HTTP Redirect Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-0624", "datePublished": "2015-02-21T11:00:00", "dateReserved": "2015-01-07T00:00:00", "dateUpdated": "2024-08-06T04:17:32.374Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:content_security_management_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "60635EC8-9AFA-400D-A919-66E60CDEF852", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F24CCD0-DFAB-44D9-B29A-A6D925A83C93", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5BA3A518-E103-4D98-A040-88ED4E0D73CC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639."}, {"lang": "es", "value": "El Framework web en los dispositivos Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), y Web Security Appliance (WSA) permite a atacantes remotos provocar redirecciones a trav\u00e9s de una cabecera HTTP manipulada, tambi\u00e9n conocido como Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, y CSCur89639."}], "id": "CVE-2015-0624", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2015-02-21T11:59:02.920", "references": [{"source": "psirt@cisco.com", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html"}, {"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/bid/72702"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1031781"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1031782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/130525/Cisco-Ironport-AsyncOS-HTTP-Header-Injection.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0624"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72702"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1031781"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1031782"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}