CVE-2014-2195 - Vulnerability Details - OpenCVE

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Asyncos Content Security Management Appliance Email Security Appliance Firmware

Configuration 1 [-]

AND

cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:content_security_management_appliance:-:::::::*
	cpe:2.3:o:cisco:email_security_appliance_firmware:-:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195
http://www.securitytracker.com/id/1030258

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2014-05-20T10:00:00

Updated: 2024-08-06T10:05:59.853Z

Reserved: 2014-02-25T00:00:00

Link: CVE-2014-2195

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-05-20T11:13:37.593

Modified: 2024-11-21T02:05:49.797

Link: CVE-2014-2195

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-05-19T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-06-16T13:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20140519 Cisco AsyncOS Software Administration Role Authorization Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195"}, {"name": "1030258", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1030258"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2014-2195", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20140519 Cisco AsyncOS Software Administration Role Authorization Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195"}, {"name": "1030258", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030258"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:05:59.853Z"}, "title": "CVE Program Container", "references": [{"name": "20140519 Cisco AsyncOS Software Administration Role Authorization Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195"}, {"name": "1030258", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1030258"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2014-2195", "datePublished": "2014-05-20T10:00:00", "dateReserved": "2014-02-25T00:00:00", "dateUpdated": "2024-08-06T10:05:59.853Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*", "matchCriteriaId": "87AA6AB8-12B9-4810-9D06-01EEBF7B01C9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:content_security_management_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "60635EC8-9AFA-400D-A919-66E60CDEF852", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5BA3A518-E103-4D98-A040-88ED4E0D73CC", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085."}, {"lang": "es", "value": "Cisco AsyncOS en dispositivos Email Security Appliance (ESA) y Content Security Management Appliance (SMA), cuando Active Directory est\u00e1 habilitado, no maneja debidamente nombres de grupos, lo que permite a atacantes remotos ganar privilegios de rol mediante el aprovechamiento de similaridades entre nombres de grupos, tambi\u00e9n conocido como Bug ID CSCum86085."}], "id": "CVE-2014-2195", "lastModified": "2024-11-21T02:05:49.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-05-20T11:13:37.593", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1030258"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2195"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1030258"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}