CVE-2018-0140 — MEDIUM (6.5)

Vulnerability Description

A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Email Security Appliance Firmware	9.8.0-112
Cisco	Email Security Appliance C160	-
Cisco	Email Security Appliance C170	-
Cisco	Email Security Appliance C190	-
Cisco	Email Security Appliance C370	-
Cisco	Email Security Appliance C370D	-
Cisco	Email Security Appliance C380	-
Cisco	Email Security Appliance C390	-
Cisco	Email Security Appliance C670	-
Cisco	Email Security Appliance C680	-
Cisco	Email Security Appliance C690	-
Cisco	Email Security Appliance C690X	-
Cisco	Email Security Appliance X1070	-
Cisco	Content Security Management Appliance	10.0.0-096
Cisco	Content Security Management Appliance Sma M190	-
Cisco	Content Security Management Appliance Sma M390	-
Cisco	Content Security Management Appliance Sma M390X	-
Cisco	Content Security Management Appliance Sma M690	-
Cisco	Content Security Management Appliance Sma M690X	-

Related Weaknesses (CWE)

CWE-425 CWE-200

References

http://www.securityfocus.com/bid/103090Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1040338Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1040339Third Party AdvisoryVDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
http://www.securityfocus.com/bid/103090Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1040338Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1040339Third Party AdvisoryVDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory

FAQ

What is CVE-2018-0140?

CVE-2018-0140 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the ...

How severe is CVE-2018-0140?

CVE-2018-0140 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0140?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Email Security Appliance Firmware, Cisco Email Security Appliance C160, Cisco Email Security Appliance C170, Cisco Email Security Appliance C190, Cisco Email Security Appliance C370.