CVE-2018-15460 (GCVE-0-2018-15460)
Vulnerability from cvelistv5
Published
2019-01-10 22:00
Modified
2024-11-19 19:18
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/106507Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/106507Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dosVendor Advisory
Impacted products
Vendor Product Version
Cisco Cisco Email Security Appliance (ESA) Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T09:54:03.555Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "106507",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/106507",
               },
               {
                  name: "20190109 Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2018-15460",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-19T17:25:38.880008Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-19T19:18:15.792Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Email Security Appliance (ESA)",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2019-01-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-01-11T10:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "106507",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/106507",
            },
            {
               name: "20190109 Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos",
            },
         ],
         source: {
            advisory: "cisco-sa-20190109-esa-url-dos",
            defect: [
               [
                  "CSCvm81627",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-01-09T16:00:00-0800",
               ID: "CVE-2018-15460",
               STATE: "PUBLIC",
               TITLE: "Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco Email Security Appliance (ESA)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "106507",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/106507",
                  },
                  {
                     name: "20190109 Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20190109-esa-url-dos",
               defect: [
                  [
                     "CSCvm81627",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2018-15460",
      datePublished: "2019-01-10T22:00:00Z",
      dateReserved: "2018-08-17T00:00:00",
      dateUpdated: "2024-11-19T19:18:15.792Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.0.2-044_md\", \"matchCriteriaId\": \"8B8FDFFB-2C0D-4D16-9EBB-E7D2C8146510\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.1.0\", \"versionEndExcluding\": \"11.1.2-023_md\", \"matchCriteriaId\": \"E00BFAD3-004E-4F6F-BA74-ACB6AD05970A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:email_security_appliance:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3DD0BAE-272E-4B9F-8F3B-B6091DEA5E33\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la funcionalidad de filtrado de mensajes de correo electr\\u00f3nico de Cisco AsyncOS Software para Cisco Email Security Appliances (ESA) podr\\u00eda permitir que un atacante remoto no autenticado aumente el uso de la CPU hasta el 100 por ciento, provocando una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe al filtrado incorrecto de mensajes de email que contienen referencias a URL en lista blanca. Un atacante podr\\u00eda explotar esta vulnerabilidad enviando un mensaje de correo electr\\u00f3nico malicioso que contiene un gran n\\u00famero de URL en lista blanca. Su explotaci\\u00f3n con \\u00e9xito podr\\u00eda permitir que el atacante provoque una condici\\u00f3n continuada de denegaci\\u00f3n de servicio (DoS) que podr\\u00eda forzar al dispositivo afectado a que pare de escanear y reenviar mensajes de correo electr\\u00f3nico.\"}]",
         id: "CVE-2018-15460",
         lastModified: "2024-11-21T03:50:51.233",
         metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2019-01-10T22:29:00.237",
         references: "[{\"url\": \"http://www.securityfocus.com/bid/106507\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106507\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
         sourceIdentifier: "ykramarz@cisco.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-770\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2018-15460\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2019-01-10T22:29:00.237\",\"lastModified\":\"2024-11-21T03:50:51.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de filtrado de mensajes de correo electrónico de Cisco AsyncOS Software para Cisco Email Security Appliances (ESA) podría permitir que un atacante remoto no autenticado aumente el uso de la CPU hasta el 100 por ciento, provocando una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe al filtrado incorrecto de mensajes de email que contienen referencias a URL en lista blanca. Un atacante podría explotar esta vulnerabilidad enviando un mensaje de correo electrónico malicioso que contiene un gran número de URL en lista blanca. Su explotación con éxito podría permitir que el atacante provoque una condición continuada de denegación de servicio (DoS) que podría forzar al dispositivo afectado a que pare de escanear y reenviar mensajes de correo electrónico.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.0.2-044_md\",\"matchCriteriaId\":\"8B8FDFFB-2C0D-4D16-9EBB-E7D2C8146510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndExcluding\":\"11.1.2-023_md\",\"matchCriteriaId\":\"E00BFAD3-004E-4F6F-BA74-ACB6AD05970A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:email_security_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3DD0BAE-272E-4B9F-8F3B-B6091DEA5E33\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106507\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106507\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/106507\", \"name\": \"106507\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\", \"name\": \"20190109 Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T09:54:03.555Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-15460\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-19T17:25:38.880008Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-19T17:26:07.071Z\"}}], \"cna\": {\"title\": \"Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"CSCvm81627\"]], \"advisory\": \"cisco-sa-20190109-esa-url-dos\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"CHANGED\", \"version\": \"3.0\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Email Security Appliance (ESA)\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2019-01-09T00:00:00\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/106507\", \"name\": \"106507\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\", \"name\": \"20190109 Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-01-11T10:57:01\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"8.6\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\"}}, \"source\": {\"defect\": [[\"CSCvm81627\"]], \"advisory\": \"cisco-sa-20190109-esa-url-dos\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco Email Security Appliance (ESA)\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/106507\", \"name\": \"106507\", \"refsource\": \"BID\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos\", \"name\": \"20190109 Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-15460\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-01-09T16:00:00-0800\"}}}}",
         cveMetadata: "{\"cveId\": \"CVE-2018-15460\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-19T19:18:15.792Z\", \"dateReserved\": \"2018-08-17T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-01-10T22:00:00Z\", \"assignerShortName\": \"cisco\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.