Cybersecurity specialists reported the finding of three severe flaws in three different solutions developed by tech company Cisco. Successful exploitation of these vulnerabilities would allow leaks of confidential information and denial of service (DoS) conditions.
The affected products are Cisco AsyncOS for cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance. It should be noted that the vulnerabilities have not been corrected.
Below are brief descriptions of reported flaws, in addition to their respective identification keys and scores according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-3546: This flaw exists due to insufficient validation on requests sent through the Cisco AsyncOS web management interface. According to experts, a remote threat actor can send specially designed requests to obtain the IP addresses configured on the interfaces of the affected systems.
The vulnerability is present in Cisco AsyncOS Release 13.5.1 and received a score of 4.9/10.
CVE-2020-3547: An insecure method used to mask certain passwords in the web administration interface of affected products would allow remotely authenticated malicious hackers to access the raw HTML code that is received from the interface, gaining unauthorized access to sensitive data from the target system.
This is an average severity vulnerability that received a CVSS score of 4/10. The flaw lies in the following products and versions:
- Cisco AsyncOS: 13.5.1-277
- Cisco Content Security Management Appliance: 13.6.1-193
- Cisco Web Security Appliance: 11.7.2-011
CVE-2020-3548: Inadequate processing of incoming Transport Layer Security (TLS) traffic would allow remote attackers to send specially designed TLS packets, triggering an increase in CPU resource usage, leading to a denial of service (DoS) condition.
The flaw received a score of 4.9/10, so it is considered a flaw of average severity. The vulnerability resides in AsyncOS for the Cisco Email Security Appliance, version 13.5.1-277.
Flaws can be exploited remotely by unauthenticated threat actors, but experts have not yet detected exploit attempts in real-world scenarios. However, we should remember that there are no updates to fix the flaws, so affected deployment administrators must remain alert to the release of security patches and enable any additional protection.