CVE-2017-12303Improperly Implemented Security Check for Standard in Cisco WEB Security Appliance

CWE-358Improperly Implemented Security Check for Standard4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.4%
top 39.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco WEB Security ApplianceCisco Asyncos
Timeline
PublishedNov 16
Latest updateMay 13

Description

A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. The vulnerability is due to incorrect and different file hash values when AMP scans the file. An attacker could exploit this vulnerability by sending a crafted email file attachment through the target

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco/cisco_web_security_applianceCisco Web Security Appliance
NVDcisco/asyncos10.1.1-234, 10.1.1-235+1

🔴Vulnerability Details

2
GHSA
GHSA-3hr9-5q4c-rq22: A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could2022-05-13
CVEList
CVE-2017-12303: A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could2017-11-16

📋Vendor Advisories

1
Cisco
Cisco Web Security Appliance Advanced Malware Protection File Bypass Vulnerability2017-11-15
CVE-2017-12303 — Cisco vulnerability | cvebase