CVE-2014-2195

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195	Vendor Advisory
http://www.securitytracker.com/id/1030258	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:content_security_management_appliance:-:::::::*
	cpe:2.3:o:cisco:email_security_appliance_firmware:-:::::::*

History

No history.

Information

Published : 2014-05-20 11:13

Updated : 2024-02-04 18:35

NVD link : CVE-2014-2195

Mitre link : CVE-2014-2195

CVE.ORG link : CVE-2014-2195

JSON object : View

Products Affected

cisco

email_security_appliance_firmware
asyncos
content_security_management_appliance

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2014-2195", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-05-20T11:13:37.593", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1030258", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085."}, {"lang": "es", "value": "Cisco AsyncOS en dispositivos Email Security Appliance (ESA) y Content Security Management Appliance (SMA), cuando Active Directory est\u00e1 habilitado, no maneja debidamente nombres de grupos, lo que permite a atacantes remotos ganar privilegios de rol mediante el aprovechamiento de similaridades entre nombres de grupos, tambi\u00e9n conocido como Bug ID CSCum86085."}], "lastModified": "2018-10-30T16:27:22.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87AA6AB8-12B9-4810-9D06-01EEBF7B01C9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:content_security_management_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60635EC8-9AFA-400D-A919-66E60CDEF852"}, {"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BA3A518-E103-4D98-A040-88ED4E0D73CC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}