CVE-2021-1566

{"id": "CVE-2021-1566", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2021-06-16T18:15:08.710", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-296"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests."}, {"lang": "es", "value": "Una vulnerabilidad en la integraci\u00f3n de Cisco Advanced Malware Protection (AMP) for Endpoints de Cisco AsyncOS para Cisco Email Security Appliance (ESA) y Cisco Web Security Appliance (WSA) podr\u00eda permitir a un atacante remoto no autenticado interceptar el tr\u00e1fico entre un dispositivo afectado y los servidores AMP. Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada del certificado cuando un dispositivo afectado establece conexiones TLS. Un atacante tipo \"man-in-the-middle\" podr\u00eda explotar esta vulnerabilidad mediante el envio de un paquete TLS dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante falsificar un host confiable y luego extraer informaci\u00f3n confidencial o alterar determinadas peticiones de la API"}], "lastModified": "2024-11-21T05:44:38.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "678C2C6F-6D46-4BBE-A902-7AD031D8EBA8"}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C3A8C94-CD5C-4309-8F1B-B151B3D091CC", "versionEndExcluding": "12.5.3-035"}], "operator": "AND"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "678C2C6F-6D46-4BBE-A902-7AD031D8EBA8"}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE1DE406-EA9E-40DD-B18B-C19DF63EC13B", "versionEndExcluding": "13.0.0-030", "versionStartIncluding": "13.0"}], "operator": "AND"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:email_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "678C2C6F-6D46-4BBE-A902-7AD031D8EBA8"}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39DEA2BD-4772-4F8D-9CD2-1BB377ECF64B", "versionEndExcluding": "13.5.3-010", "versionStartIncluding": "13.5"}], "operator": "AND"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C2555C-7E97-475F-9EDC-027B51A40708"}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33FDC1BE-F1C3-4030-82CE-38D99DC30B5B", "versionEndExcluding": "11.8.3-021"}], "operator": "AND"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C2555C-7E97-475F-9EDC-027B51A40708"}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1CC6572-4281-45E1-9B33-6993B45E6B4F", "versionEndExcluding": "12.0.3-005", "versionStartIncluding": "12.0.0"}], "operator": "AND"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C2555C-7E97-475F-9EDC-027B51A40708"}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA889DAF-1699-4A22-8A4C-D589F7BF10A8", "versionEndExcluding": "12.5.1-043", "versionStartIncluding": "12.5.0"}], "operator": "AND"}]}], "sourceIdentifier": "ykramarz@cisco.com"}