CVE-2017-12215 : A vulnerability in the email message filtering feature of Cisco AsyncOS Software

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unauthenticated, remote attacker to cause an affected device to run out of memory and stop scanning and forwarding email messages. When system memory is depleted, it can cause the filtering process to crash, resulting in a denial of service (DoS) condition on the device. This vulnerability affects software version 9.0 through the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. Cisco Bug IDs: CSCvd29354.

Published 2017-09-21 05:29:00

Updated 2019-10-09 23:22:29

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2017-12215

Cisco » Asyncos » Version: 9.5
cpe:2.3:o:cisco:asyncos:9.5:*:*:*:*:*:*:*
Matching versions
Cisco » Asyncos » Version: 9.6
cpe:2.3:o:cisco:asyncos:9.6:*:*:*:*:*:*:*
Matching versions
Cisco » Asyncos » Version: 9.7
cpe:2.3:o:cisco:asyncos:9.7:*:*:*:*:*:*:*
Matching versions
Cisco » Asyncos » Version: 9.8
cpe:2.3:o:cisco:asyncos:9.8:*:*:*:*:*:*:*
Matching versions
Cisco » Asyncos » Version: 9.1
cpe:2.3:o:cisco:asyncos:9.1:*:*:*:*:*:*:*
Matching versions
Cisco » Asyncos » Version: 9.0
cpe:2.3:o:cisco:asyncos:9.0:*:*:*:*:*:*:*
Matching versions
Cisco » Asyncos » Version: 9.1.2
cpe:2.3:o:cisco:asyncos:9.1.2:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-12215

EPSS FAQ

0.89%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-12215

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.1	HIGH	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H	2.5	4.0	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2017-12215

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)

References for CVE-2017-12215

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-esa

Cisco Email Security Appliance Denial of Service Vulnerability
Vendor Advisory
http://www.securitytracker.com/id/1039414

Cisco Email Security Appliance Attachment Processing Bug Lets Remote Users Consume Excessive Memory Resources - SecurityTracker
Third Party Advisory;VDB Entry
http://www.securityfocus.com/bid/100920

Cisco AsyncOS Software CVE-2017-12215 Remote Denial of Service Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2017-12215

Products affected by CVE-2017-12215

Exploit prediction scoring system (EPSS) score for CVE-2017-12215

CVSS scores for CVE-2017-12215

CWE ids for CVE-2017-12215

References for CVE-2017-12215