CVE-2017-12303

{"id": "CVE-2017-12303", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-11-16T07:29:00.430", "references": [{"url": "http://www.securityfocus.com/bid/101932", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1039828", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-wsa", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-358"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-358"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. The vulnerability is due to incorrect and different file hash values when AMP scans the file. An attacker could exploit this vulnerability by sending a crafted email file attachment through the targeted device. An exploit could allow the attacker to bypass a configured AMP file filter. Cisco Bug IDs: CSCvf52943."}, {"lang": "es", "value": "Una vulnerabilidad en la caracter\u00edstica de filtrado de archivos Advanced Malware Protection (AMP) de Cisco AsyncOS Software para Cisco Web Security Appliance (WSA) podr\u00eda permitir que un atacante remoto sin autenticar omita una regla de filtrado de archivos AMP configurada. Los tipos de archivo que se han visto afectados son los comprimidos o zip. La vulnerabilidad se debe a los valores hash de archivo incorrectos y diferentes cuando AMP escanea el archivo. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un archivo adjunto de correo electr\u00f3nico manipulado al dispositivo objetivo. Un exploit podr\u00eda permitir que el atacante omita un filtro de archivos AMP configurado. Cisco Bug IDs: CSCvf52943."}], "lastModified": "2019-10-09T23:22:53.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:10.1.1-234:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13CDDB37-3A0A-4F80-8356-32DDB95050A2"}, {"criteria": "cpe:2.3:o:cisco:asyncos:10.1.1-235:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC59E598-B7FE-4C19-B840-7E40C75A8F89"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}