CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
EPSS
Percentile
40.3%
According to its self-reported version, Cisco Email Security Appliance (ESA) is affected by following vulnerability
Please see the included Cisco BIDs and Cisco Security Advisory for more information
#TRUSTED 3d74bf0e0f54e70fe51ed4e0cf6218817ddfdccf4d3e7dcbd4b12b9e1e47b680ad5dc04a4e74ce783457c1c318b1fac396b2be4516098b015037a2913f167743398b686479aca0e606a930ce0fe17f2576400f6ac3fe1cf8895ccd3a7dd81d536d89d0a693f076cfc6308139f5c4ec85907be1e65351917c8d6ae165048f088876669d702921d55aa8b10ac283f43a87482a0b79a878e3d067b007934ed7e18efdf5d4546459b92afd3d734578db90c6aa91c4bbbd649031eb2dc0a48d54298b36542d14a9c3dea651432f45218a884a5345d400cbb69ab3e77d99b8019d2450b62185044a28bfb0baa1ba3281ced3ce3b77d09653c12a2cee5575b0af0978a32c25097c147ed96623fa1aac358f140db4c979af1e68e9043e08c5c217093c5720081e111d9043394be0fe13adc701f5c04ffdbd06b26bfe9741435d4a0899ea3defcfd4acb9d66a83bc499c679bccae75f0c5e213b2a2a2c63353ad9734e52a8e44f364ef48cc6090c204331c58a10386bbf171696a89c4975b855e0a145a0c109924e3c7e780086497dea8b63564f2839de630885a5677f758afd3c27ad2cc1a8d0cb46a89f27b2b8217ad6975f91ea97033c750deaa6d151745e87a1952a8e5dd6bfc09f845602e33cdfa26b3d18041102c04ae4fe44878552f7204d737eb5bae6c1e8ecf926bb7a99408614c31f5b5698ce11a442d2ecfc028a2a4b2d85f
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(126822);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/03");
script_cve_id("CVE-2019-1831");
script_bugtraq_id(108021);
script_xref(name:"CISCO-BUG-ID", value:"CSCvo01349");
script_xref(name:"CISCO-BUG-ID", value:"CSCvo78686");
script_xref(name:"CISCO-SA", value:"cisco-sa-20190417-esa-filter-bypass");
script_xref(name:"IAVA", value:"2019-A-0243-S");
script_name(english:"Cisco Email Security Appliance Content Filter Bypass Vulnerability (cisco-sa-20190417-esa-filter-bypass)");
script_summary(english:"Checks the version of Cisco Email Security Appliance (ESA)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco Email Security Appliance
(ESA) is affected by following vulnerability
- A vulnerability in the email message scanning of Cisco
AsyncOS Software for Cisco Email Security Appliance
(ESA) could allow an unauthenticated, remote attacker to
bypass configured content filters on the device.The
vulnerability is due to improper input validation of the
email body. An attacker could exploit this vulnerability
by inserting specific character strings in the message.
A successful exploit could allow the attacker to bypass
configured content filters that would normally drop the
email. (CVE-2019-1831)
Please see the included Cisco BIDs and Cisco Security Advisory for
more information");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-esa-filter-bypass
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?911278c6");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvo01349");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvo78686");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco Security Advisory
cisco-sa-20190417-esa-filter-bypass");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-1831");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(20);
script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/17");
script_set_attribute(attribute:"patch_publication_date", value:"2019/04/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/19");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:email_security_appliance_(esa)");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_esa_version.nasl");
script_require_keys("Host/AsyncOS/Cisco Email Security Appliance/Version", "Settings/ParanoidReport");
exit(0);
}
include('audit.inc');
include('cisco_workarounds.inc');
include('ccf.inc');
if (report_paranoia < 2) audit(AUDIT_PARANOID);
product_info = cisco::get_product_info(name:'Cisco Email Security Appliance (ESA)');
version_list = make_list(
'11.1.0.131',
'11.1.2.023',
'12.0.0.208'
);
workarounds = make_list(CISCO_WORKAROUNDS['no_workaround']);
workaround_params = make_list();
reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['display_version'],
'bug_id' , 'CSCvo01349, CSCvo78686'
);
cisco::check_and_report(product_info:product_info, workarounds:workarounds, workaround_params:workaround_params, reporting:reporting, vuln_versions:version_list);
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
EPSS
Percentile
40.3%