Rewterz Threat Advisory – CVE-2019-1905 – Cisco Email Security Appliance AsyncOS GZIP Content Filter Security Bypass Vulnerability

Rewterz Threat Alert – DHS Email Phishing Scam

June 20, 2019

Rewterz Threat Advisory – CVE-2019-1876 – Cisco WAAS (Wide Area Application Services) HTTPS Proxy Security Bypass Vulnerability

June 20, 2019

Rewterz Threat Advisory – CVE-2019-1905 – Cisco Email Security Appliance AsyncOS GZIP Content Filter Security Bypass Vulnerability

Severity

Medium

Analysis Summary

A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device.

The vulnerability is due to improper validation of GZIP-formatted files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted GZIP-compressed file. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email.

Impact

Security Bypass

Affected Vendors

Cisco

Affected Products

Cisco AsyncOS
Cisco Email Security Appliance 11.x
Cisco Email Security Appliance 12.x

Remediation

Please see vendor’s advisory for more details.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-esa-bypass

Rewterz Threat Alert – DHS Email Phishing Scam

Rewterz Threat Advisory – CVE-2019-1876 – Cisco WAAS (Wide Area Application Services) HTTPS Proxy Security Bypass Vulnerability

Rewterz Threat Advisory – CVE-2019-1905 – Cisco Email Security Appliance AsyncOS GZIP Content Filter Security Bypass Vulnerability

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan