CVE-2020-3164

Description

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded.

Risk Information

Base Score

5.3

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Score

Exploitation Probability

0.813

Associated Vulnerability

Vulnerability	OS Platform
Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability For Cisco IronPort Security Management Appliance Software	NCM
Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability For Cisco IronPort Email Security Appliance Software	NCM
Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability For Cisco IronPort Web Security Appliance Software	NCM
Improper Input Validation Vulnerability (CVE-2020-3164)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1706033	Security Update for Cisco IronPort Security Management Appliance Software 11.0.1-152
PATCH-1706003	Security Update for Cisco IronPort Email Security Appliance Software 9.7.2-131
PATCH-1706023	Security Update for Cisco IronPort Web Security Appliance Software 9.1.2-010

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234