Vulnerability Details : CVE-2021-1516

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.

Published 2021-05-06 13:15:11

Updated 2021-05-14 20:21:36

Source Cisco Systems, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2021-1516

Probability of exploitation activity in the next 30 days: 0.16%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 51 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-1516

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.0	MEDIUM	AV:N/AC:L/Au:S/C:P/I:N/A:N	8.0	2.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
4.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	2.8	1.4	[email protected]
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	[email protected]
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2021-1516

CWE-540 Inclusion of Sensitive Information in Source Code

Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.

Assigned by: [email protected] (Primary)

References for CVE-2021-1516

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-gY2AEz2H

Vendor Advisory

Products affected by CVE-2021-1516

Cisco » Web Security Appliance » Version: N/A
cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Asyncos
Cisco » Content Security Management Appliance » Version: N/A
cpe:2.3:a:cisco:content_security_management_appliance:-:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Asyncos
Cisco » Email Security Appliance » Version: N/A
cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Asyncos
Cisco » Ironport Web Security Appliance » Version: 13.6.2-023
cpe:2.3:a:cisco:ironport_web_security_appliance:13.6.2-023:*:*:*:*:*:*:*
Matching versions
Cisco » Ironport Web Security Appliance » Version: 14.0.0-090
cpe:2.3:a:cisco:ironport_web_security_appliance:14.0.0-090:*:*:*:*:*:*:*
Matching versions
Cisco » Ironport Web Security Appliance » Version: 14.0.0-133
cpe:2.3:a:cisco:ironport_web_security_appliance:14.0.0-133:*:*:*:*:*:*:*
Matching versions
Cisco » Ironport Web Security Appliance » Version: 14.0.0-292
cpe:2.3:a:cisco:ironport_web_security_appliance:14.0.0-292:*:*:*:*:*:*:*
Matching versions
Cisco » Ironport Web Security Appliance » Version: 14.0.0-300
cpe:2.3:a:cisco:ironport_web_security_appliance:14.0.0-300:*:*:*:*:*:*:*
Matching versions