Your Yello Ring Road To Success
GOOGLE LOGIN MY ADS MY SHOP

Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails

Cisco Email Security Appliances

Cisco has released security updates to contain three
vulnerabilities affecting its products, including one high-severity
flaw in its Email Security Appliance (ESA) that could result in a
denial-of-service (DoS) condition on an affected device.

The weakness, assigned the identifier CVE-2022-20653 (CVSS
score: 7.5), stems from a case of insufficient error handling in
DNS[1]
name resolution that could be abused by an unauthenticated, remote
attacker to send a specially crafted email message and cause a
DoS.

Automatic GitHub Backups

“A successful exploit could allow the attacker to cause the
device to become unreachable from management interfaces or to
process additional email messages for a period of time until the
device recovers, resulting in a DoS condition,” the company
said[2]
in an advisory. “Continued attacks could cause the device to become
completely unavailable, resulting in a persistent DoS
condition.”

The flaw impacts Cisco ESA devices running Cisco AsyncOS
Software running versions 14.0, 13.5, 13.0, 12.5 and earlier and
have the “DANE feature enabled and with the downstream mail servers
configured to send bounce messages.” DANE[3]
is short for DNS-based Authentication of Named Entities, which is
used for outbound mail validation.

Cisco credited researchers from ICT service provider
Rijksoverheid Dienst ICT Uitvoering (DICTU) for reporting the
vulnerability, while pointing out that it’s not found any evidence
of malicious exploitation.

Separately, the networking equipment maker also addressed two
other flaws in its Prime Infrastructure and Evolved Programmable
Network Manager and Redundancy Configuration Manager that could
enable an adversary to execute arbitrary code and cause a DoS
condition –

Prevent Data Breaches

  • CVE-2022-20659[4] (CVSS score: 6.1) –
    Cisco Prime Infrastructure and Evolved Programmable Network Manager
    cross-site scripting (XSS) vulnerability
  • CVE-2022-20750[5] (CVSS score: 5.3) –
    Cisco Redundancy Configuration Manager for Cisco StarOS Software
    TCP denial-of-service (DoS) vulnerability

The fixes also come weeks after Cisco published patches[6]
for multiple critical security vulnerabilities impacting its RV
Series routers , some of which earned the highest possible CVSS
severity score ratings of 10, that could be weaponized to elevate
privileges and execute arbitrary code on affected systems.

References

  1. ^
    DNS
    (en.wikipedia.org)
  2. ^
    said
    (tools.cisco.com)
  3. ^
    DANE
    (www.cisco.com)
  4. ^
    CVE-2022-20659
    (tools.cisco.com)
  5. ^
    CVE-2022-20750
    (tools.cisco.com)
  6. ^
    published patches
    (thehackernews.com)

Read more