#VU51220 Information disclosure in Cisco AsyncOS for Cisco Email Security Appliance and Cisco Content Security Management Appliance - CVE-2021-1425
Vulnerability identifier: #VU51220
Vulnerability risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco AsyncOS for Cisco Email Security Appliance
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Cisco Content Security Management Appliance
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists in the web-based management interface of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) due to confidential information is being included in HTTP requests that are exchanged between the user and the device. A remote authenticated user can gain unauthorized access to sensitive information on the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco AsyncOS for Cisco Email Security Appliance: 12.0 - 13.6.2 066
Cisco Content Security Management Appliance: 13.0.0 187 - 13.7.0
External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw39308
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
