OpenCVE

A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Cisco	Email Security Appliance

Configuration 1 [-]

cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/105300
http://www.securitytracker.com/id/1041687
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass

History

Tue, 26 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-10-05T14:00:00Z

Updated: 2024-11-26T14:41:56.071Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0447

Vulnrichment

Updated: 2024-08-05T03:28:09.828Z

NVD

Status : Modified

Published: 2018-10-05T14:29:02.810

Modified: 2024-11-21T03:38:15.010

Link: CVE-2018-0447

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Email Security Appliance (ESA)", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-05T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-10-07T09:57:02", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "105300", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105300"}, {"name": "1041687", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041687"}, {"name": "20180905 Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass"}], "source": {"advisory": "cisco-sa-20180905-esa-url-bypass", "defect": [["CSCvj55728"]], "discovery": "UNKNOWN"}, "title": "Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2018-09-05T16:00:00-0500", "ID": "CVE-2018-0447", "STATE": "PUBLIC", "TITLE": "Cisco Email Security Appliance URL Filtering Bypass Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Email Security Appliance (ESA)", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device."}]}, "impact": {"cvss": {"baseScore": "5.3", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284"}]}]}, "references": {"reference_data": [{"name": "105300", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105300"}, {"name": "1041687", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041687"}, {"name": "20180905 Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass"}]}, "source": {"advisory": "cisco-sa-20180905-esa-url-bypass", "defect": [["CSCvj55728"]], "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:28:09.828Z"}, "title": "CVE Program Container", "references": [{"name": "105300", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105300"}, {"name": "1041687", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041687"}, {"name": "20180905 Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-25T18:53:30.163162Z", "id": "CVE-2018-0447", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-26T14:41:56.071Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0447", "datePublished": "2018-10-05T14:00:00Z", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-11-26T14:41:56.071Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securityfocus.com/bid/105300", "name": "105300", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1041687", "name": "1041687", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass", "name": "20180905 Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:28:09.828Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2018-0447", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-25T18:53:30.163162Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-25T18:54:32.348Z"}}], "cna": {"title": "Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "source": {"defect": [["CSCvj55728"]], "advisory": "cisco-sa-20180905-esa-url-bypass", "discovery": "UNKNOWN"}, "affected": [{"vendor": "Cisco", "product": "Cisco Email Security Appliance (ESA)", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-05T00:00:00", "references": [{"url": "http://www.securityfocus.com/bid/105300", "name": "105300", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://www.securitytracker.com/id/1041687", "name": "1041687", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass", "name": "20180905 Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2018-10-07T09:57:02"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "5.3"}}, "source": {"defect": [["CSCvj55728"]], "advisory": "cisco-sa-20180905-esa-url-bypass", "discovery": "UNKNOWN"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "Cisco Email Security Appliance (ESA)"}]}, "vendor_name": "Cisco"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/105300", "name": "105300", "refsource": "BID"}, {"url": "http://www.securitytracker.com/id/1041687", "name": "1041687", "refsource": "SECTRACK"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass", "name": "20180905 Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2018-0447", "STATE": "PUBLIC", "TITLE": "Cisco Email Security Appliance URL Filtering Bypass Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2018-09-05T16:00:00-0500"}}}}, "cveMetadata": {"cveId": "CVE-2018-0447", "state": "PUBLISHED", "dateUpdated": "2024-11-26T14:41:56.071Z", "dateReserved": "2017-11-27T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2018-10-05T14:00:00Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "678C2C6F-6D46-4BBE-A902-7AD031D8EBA8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device."}, {"lang": "es", "value": "Una vulnerabilidad en los mecanismos de protecci\u00f3n anti-spam de Cisco AsyncOS Software para Cisco Email Security Appliance (ESA) podr\u00eda permitir que un atacante remoto no autenticado omita determinados filtros de contenido en un dispositivo afectado. Esta vulnerabilidad se debe a mecanismos de comprobaci\u00f3n de validaci\u00f3n y entradas incompletos para determinados mensajes SPF (Sender Policy Framework) que se env\u00eden a un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete SPF personalizado a un dispositivo afectado. Si se realiza con \u00e9xito, su explotaci\u00f3n podr\u00eda permitir que el atacante omita los filtros URL que est\u00e1n configurados para el dispositivo afectado, lo que podr\u00eda permitir que las URL maliciosas pasen a trav\u00e9s del dispositivo."}], "id": "CVE-2018-0447", "lastModified": "2024-11-21T03:38:15.010", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-05T14:29:02.810", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105300"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041687"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105300"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041687"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-esa-url-bypass"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}