Detections
Analytics

Cisco AsyncOS for Email Security Appliances Software Remote Code Execution (CSCug79377)

high Nessus Plugin ID 73210

Language:

Synopsis

The remote security appliance is missing a vendor-supplied security patch.

Description

According to its self-reported version and configuration, the Cisco AsyncOS running on the remote Cisco Email Security (ESA) appliance is affected by a remote code execution vulnerability in the Safelist/Blocklist (SLBL) function due to improper handling of SLBL database files. An authenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the 'root' user.

Solution

Apply the relevant update referenced in Cisco Security Advisory cisco-sa-20140319-asyncos.

See Also

http://www.nessus.org/u?c66d063e

Plugin Details

Severity: High

ID: 73210

File Name: cisco-sa-20140319-esa.nasl

Version: 1.14

Type: local

Family: CISCO

Published: 3/26/2014

Updated: 3/5/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8.5

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:cisco:email_security_appliance, cpe:/o:cisco:email_security_appliance_firmware

Required KB Items: Host/AsyncOS/Cisco Email Security Appliance/DisplayVersion, Host/AsyncOS/Cisco Email Security Appliance/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 11/6/2013

Vulnerability Publication Date: 3/19/2014

Reference Information

CVE: CVE-2014-2119

BID: 66309

CISCO-SA: cisco-sa-20140319-asyncos

CISCO-BUG-ID: CSCug79377