First published: Thu Nov 16 2017(Updated: )
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. The vulnerability is due to incorrect and different file hash values when AMP scans the file. An attacker could exploit this vulnerability by sending a crafted email file attachment through the targeted device. An exploit could allow the attacker to bypass a configured AMP file filter. Cisco Bug IDs: CSCvf52943.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco AsyncOS | =10.1.1-234 | |
Cisco AsyncOS | =10.1.1-235 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-12303 is a vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA).
CVE-2017-12303 allows an unauthenticated, remote attacker to bypass a configured AMP file filtering rule.
CVE-2017-12303 affects zipped or archived file types.
CVE-2017-12303 has a severity rating of medium, with a severity value of 5.3.
To fix CVE-2017-12303, Cisco recommends upgrading to version 10.1.1-236 or later of Cisco AsyncOS Software.