CVE-2014-2119 - OpenCVE

The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Ironport Asyncos Email Security Appliance Firmware Content Security Management Appliance

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ironport_asyncos::::::::
	cpe:2.3:o:cisco:ironport_asyncos:8.0:::::::*
	cpe:2.3:o:cisco:ironport_asyncos:8.0.1:::::::*
	cpe:2.3:o:cisco:ironport_asyncos:8.1:::::::*

cpe:2.3:h:cisco:content_security_management_appliance:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:cisco:ironport_asyncos::::::::
	cpe:2.3:o:cisco:ironport_asyncos:8.0:::::::*
	cpe:2.3:o:cisco:ironport_asyncos:8.0.1:::::::*

cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140319-asyncos	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2014-03-20T20:00:00

Updated: 2014-03-20T19:57:00

Reserved: 2014-02-25T00:00:00

Link: CVE-2014-2119

JSON object: View

NVD Information

Status : Analyzed

Published: 2014-03-21T01:04:02.937

Modified: 2018-10-30T16:27:22.513

Link: CVE-2014-2119

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-03-19T00:00:00", "descriptions": [{"lang": "en", "value": "The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-03-20T19:57:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20140319 Cisco AsyncOS Software Code Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140319-asyncos"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2014-2119", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20140319 Cisco AsyncOS Software Code Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140319-asyncos"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2014-2119", "datePublished": "2014-03-20T20:00:00", "dateReserved": "2014-02-25T00:00:00", "dateUpdated": "2014-03-20T19:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ironport_asyncos:*:*:*:*:*:*:*:*", "matchCriteriaId": "29D12C74-EB0D-4FE2-936E-06D7080C584A", "versionEndIncluding": "7.9.1-039", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEBB85CD-0DE0-49CF-80F2-4E343F3E151E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5165DB3A-40BC-4179-A7DE-92CD2E6784D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CD06A8A-9708-4E53-BEC8-C43938BB336C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:content_security_management_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "60635EC8-9AFA-400D-A919-66E60CDEF852", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ironport_asyncos:*:*:*:*:*:*:*:*", "matchCriteriaId": "B88B09B9-3F50-4A40-9F54-D36E8E511F8B", "versionEndIncluding": "7.6.2-201", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEBB85CD-0DE0-49CF-80F2-4E343F3E151E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5165DB3A-40BC-4179-A7DE-92CD2E6784D6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5BA3A518-E103-4D98-A040-88ED4E0D73CC", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118."}, {"lang": "es", "value": "El servicio End User Safelist/Blocklist (tambi\u00e9n conocido como SLBL) en el software Cisco AsyncOS para Email Security Appliance (ESA) anterior a 7.6.3-023 y 8.x anterior a 8.0.1-023 y Cisco Content Security Management Appliance (SMA) anterior a 7.9.1-110 y 8.x anterior a 8.1.1-013 permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario con privilegios root a trav\u00e9s de una sesi\u00f3n FTP que sube un archivo de base de datos SLBL modificado, tambi\u00e9n conocido como Bug IDs CSCug79377 y CSCug80118."}], "id": "CVE-2014-2119", "lastModified": "2018-10-30T16:27:22.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-03-21T01:04:02.937", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140319-asyncos"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}