var-201508-0491
Vulnerability from variot
Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894. Cisco Content Security Management Appliance is prone to a privilege-escalation vulnerability. An attacker can leverage this issue to gain unauthorized access to an affected system with elevated privileges. This issue is being tracked by Cisco Bug ID CSCuv65894. This appliance is mainly used to manage all policies, reports, audit information, etc. of email and web security appliances. The following releases are affected: Cisco SMA Release 8.3.6-039, Release 9.1.0-31, Release 9.1.0-103
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0491",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "content security management appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.1.0-103"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "8.3.6-039"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.1.0-31"
},
{
"model": "content security management appliance software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "8.3.6-039"
},
{
"model": "content security management appliance software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1.0-031"
},
{
"model": "content security management appliance software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1.0-103"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.0-031"
}
],
"sources": [
{
"db": "BID",
"id": "76365"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-103:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:8.3.6-039:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4322"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "76365"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
],
"trust": 0.9
},
"cve": "CVE-2015-4322",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-4322",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-82283",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-4322",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201508-363",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82283",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82283"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user\u0027s Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894. Cisco Content Security Management Appliance is prone to a privilege-escalation vulnerability. \nAn attacker can leverage this issue to gain unauthorized access to an affected system with elevated privileges. \nThis issue is being tracked by Cisco Bug ID CSCuv65894. This appliance is mainly used to manage all policies, reports, audit information, etc. of email and web security appliances. The following releases are affected: Cisco SMA Release 8.3.6-039, Release 9.1.0-31, Release 9.1.0-103",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "BID",
"id": "76365"
},
{
"db": "VULHUB",
"id": "VHN-82283"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4322",
"trust": 2.8
},
{
"db": "BID",
"id": "76365",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1033322",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-82283",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82283"
},
{
"db": "BID",
"id": "76365"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"id": "VAR-201508-0491",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-82283"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:39:13.806000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "40450",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40450"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82283"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "NVD",
"id": "CVE-2015-4322"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/76365"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40450"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033322"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4322"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4322"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40450 "
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82283"
},
{
"db": "BID",
"id": "76365"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-82283"
},
{
"db": "BID",
"id": "76365"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-82283"
},
{
"date": "2015-08-14T00:00:00",
"db": "BID",
"id": "76365"
},
{
"date": "2015-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"date": "2015-08-19T15:59:05.883000",
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"date": "2015-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-82283"
},
{
"date": "2015-08-14T00:00:00",
"db": "BID",
"id": "76365"
},
{
"date": "2015-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004362"
},
{
"date": "2017-09-20T01:29:01.123000",
"db": "NVD",
"id": "CVE-2015-4322"
},
{
"date": "2015-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco content Security Management Appliance vulnerable to reading spam quarantine folders for arbitrary users",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004362"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-363"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.