CVE-2019-1983: Input Validation
First published: Wed Sep 23 2020(Updated: )
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of email attachments. An attacker could exploit this vulnerability by sending an email message with a crafted attachment through an affected device. A successful exploit could allow the attacker to cause specific processes to crash repeatedly, resulting in the complete unavailability of both the Cisco Advanced Malware Protection (AMP) and message tracking features and in severe performance degradation while processing email. After the affected processes restart, the software resumes filtering for the same attachment, causing the affected processes to crash and restart again. A successful exploit could also allow the attacker to cause a repeated DoS condition. Manual intervention may be required to recover from this situation.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Content Security Management Appliance | =11.4.0-812 | |
| Cisco AsyncOS | <11.0.1-161 | |
| Cisco AsyncOS | >=12.0<=12.5.0-633 | |
| Cisco Email Security Appliance | =11.0.1-hp5-602 | |
| Cisco Email Security Appliance | =11.1.0-404 | |
| Cisco AsyncOS | <11.0.3-251 | |
| Cisco AsyncOS | >=12.0<12.5.0-059 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-1983?
CVE-2019-1983 is a vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA).
How does CVE-2019-1983 affect Cisco AsyncOS?
CVE-2019-1983 affects Cisco AsyncOS versions up to 11.0.1-161 and versions between 12.0 and 12.5.0-633.
How does CVE-2019-1983 affect Cisco Content Security Management Appliance?
CVE-2019-1983 affects Cisco Content Security Management Appliance version 11.4.0-812.
How does CVE-2019-1983 affect Cisco Email Security Appliance?
CVE-2019-1983 affects Cisco Email Security Appliance versions 11.0.1-hp5-602 and 11.1.0-404.
What is the severity level of CVE-2019-1983?
The severity level of CVE-2019-1983 is high.
What is the Common Weakness Enumeration (CWE) ID for CVE-2019-1983?
The Common Weakness Enumeration (CWE) ID for CVE-2019-1983 is 20.
How can I fix CVE-2019-1983?
To fix CVE-2019-1983, it is recommended to apply the necessary security patches provided by Cisco.
Where can I find more information about CVE-2019-1983?
You can find more information about CVE-2019-1983 on the Cisco Security Advisory page: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200219-esa-sma-dos
- collector/nvd-index
- agent/author
- agent/severity
- vendor/cisco
- canonical/cisco content security management appliance
- version/cisco content security management appliance/11.4.0-812
- canonical/cisco asyncos
- version/cisco asyncos/12.0
- version/cisco asyncos/12.5.0-633
- canonical/cisco email security appliance
- version/cisco email security appliance/11.0.1-hp5-602
- version/cisco email security appliance/11.1.0-404