Vulnslist

find the latest Cisco vulnerabilities

Cisco Web Security Appliance Advanced Malware Protection File Bypass Vulnerability

cisco-sa-20171115-wsa · Medium · Published · Updated

A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. The vulnerability is due to incorrect and different file hash values when AMP scans the file. An attacker could exploit this vulnerability by sending a crafted email file attachment through the targeted device. An exploit could allow the attacker to bypass a configured AMP file filter. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-wsa

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2017-12303
Cisco Bug IDsCSCvf52943
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Web Security Appliance (WSA), Cisco Secure Web Appliance

Related Products

Product CVE Evidence
Cisco Web Security Appliance (WSA) CVE-2017-12303 Cisco OpenVuln
Cisco Secure Web Appliance CVE-2017-12303 Cisco OpenVuln