CVE-2014-3381

The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381	Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=36062	Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381	Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=36062	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:07

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381 - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381 - Vendor Advisory
References	~~() http://tools.cisco.com/security/center/viewAlert.x?alertId=36062 - Vendor Advisory~~	() http://tools.cisco.com/security/center/viewAlert.x?alertId=36062 - Vendor Advisory

Information

Published : 2014-10-19 01:55

Updated : 2024-11-21 02:07

NVD link : CVE-2014-3381

Mitre link : CVE-2014-3381

CVE.ORG link : CVE-2014-3381

JSON object : View

Products Affected

cisco

asyncos

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2014-3381", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-19T01:55:13.607", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36062", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36062", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934."}, {"lang": "es", "value": "El motor de inspecci\u00f3n ZIP en Cisco AsyncOS 8.5 y anteriores en Cisco Email Security Appliance (ESA) no analiza correctamente los archivos ZIP, lo que permite a atacantes remotos evadir la filtraci\u00f3n de malware a trav\u00e9s de un archivo manipulado, tambi\u00e9n conocido como Bug ID CSCup07934."}], "lastModified": "2024-11-21T02:07:58.787", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1ED121A-E76C-4256-A2BB-B44E9FC85B9B", "versionEndIncluding": "8.5"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}