Rewterz Threat Advisory – CVE-2019-1876 – Cisco WAAS (Wide Area Application Services) HTTPS Proxy Security Bypass Vulnerability

Rewterz Threat Advisory – CVE-2019-1905 – Cisco Email Security Appliance AsyncOS GZIP Content Filter Security Bypass Vulnerability

June 20, 2019

Rewterz Threat Advisory – CVE-2019-1631 – Cisco UCS C-Series Rack Servers IMC System Information Disclosure Vulnerability

June 20, 2019

Rewterz Threat Advisory – CVE-2019-1876 – Cisco WAAS (Wide Area Application Services) HTTPS Proxy Security Bypass Vulnerability

Severity

Medium

Analysis Summary

The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could exploit this vulnerability by sending a malicious HTTPS CONNECT message to the Central Manager. A successful exploit could allow the attacker to access public internet resources that would normally be blocked by corporate policies.

Impact

Security Bypass

Affected Vendors

Cisco

Affected Products

Cisco WAAS (Wide Area Application Services) 5.x
Cisco WAAS (Wide Area Application Services) 6.x

Remediation

Please see vendor’s advisory for more details as the bug report CSCvo13639 indicates a fixed status.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-waas-authbypass

Rewterz Threat Advisory – CVE-2019-1905 – Cisco Email Security Appliance AsyncOS GZIP Content Filter Security Bypass Vulnerability

Rewterz Threat Advisory – CVE-2019-1631 – Cisco UCS C-Series Rack Servers IMC System Information Disclosure Vulnerability

Rewterz Threat Advisory – CVE-2019-1876 – Cisco WAAS (Wide Area Application Services) HTTPS Proxy Security Bypass Vulnerability

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan