Vulnerability-Lookup

CVE-2017-3870 (GCVE-0-2017-3870)

Vulnerability from cvelistv5 – Published: 2017-03-17 22:00 – Updated: 2024-08-05 14:39

Summary

Severity ?

No CVSS data available.

CWE

URL Filtering Bypass Vulnerability

Assigner

cisco

References

URL

	Vendor	Product	Version
	n/a	Cisco Web Security Appliance	Affected: Cisco Web Security Appliance

FKIE_CVE-2017-3870

Vulnerability from fkie_nvd - Published: 2017-03-17 22:59 - Updated: 2025-04-20 01:37

Severity ?

5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/96907	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1038043
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96907	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038043
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	web_security_appliance	8.5.3-069
cisco	web_security_appliance	9.1.1-074
cisco	web_security_appliance	9.1.2-010

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.3-069:*:*:*:*:*:*:*",
              "matchCriteriaId": "77DFD74F-F90B-43C9-B1E6-B9727E395540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.1-074:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F4D6C1-3493-400B-AAE8-E2C00AE53BE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-010:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74AFB73-5414-49C8-8209-9392E5406806",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la caracter\u00edstica de filtrado de URL de Cisco AsyncOS Software para Cisco Web Security Appliance (WSA) podr\u00eda permitir a un atacante remoto no autenticado omitir una regla de filtro de URL configurada. Productos afectados: esta vulnerabilidad afecta a todas las versiones anteriores a la primera versi\u00f3n fija de Cisco AsyncOS Software para Cisco Web Security Appliance (WSA), tanto dispositivos virtuales como de hardware, que est\u00e1n configurados con filtros de URL para el an\u00e1lisis de correo electr\u00f3nico. M\u00e1s informaci\u00f3n: CSCvc69700. Lanzamientos afectados conocidos: 8.5.3-069 9.1.1-074 9.1.2-010."
    }
  ],
  "id": "CVE-2017-3870",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-17T22:59:00.343",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96907"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1038043"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-03307

Vulnerability from cnvd - Published: 2017-03-24

Title

Cisco AsyncOS远程安全绕过漏洞（CNVD-2017-03307）

Description

Cisco AsyncOS for Web Security Appliance（WSA）是美国思科（Cisco）公司的产品，它是一套网络安全设备。Cisco AsyncOS是一套使用在这个产品中的操作系统。 Cisco AsyncOS for Web Security Applianc存在远程安全绕过漏洞。攻击者可利用此漏洞绕过安全限制并执行未授权的操作，导致进一步攻击。

Severity

中

Patch Name

Cisco AsyncOS远程安全绕过漏洞（CNVD-2017-03307）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa

Reference

http://www.securityfocus.com/bid/96907

Impacted products

Name
['Cisco Web Security Appliance (WSA)', 'Cisco AsyncOS Software 0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "96907"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-3870",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3870"
    }
  },
  "description": "Cisco AsyncOS for Web Security Appliance\uff08WSA\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\uff0c\u5b83\u662f\u4e00\u5957\u7f51\u7edc\u5b89\u5168\u8bbe\u5907\u3002Cisco AsyncOS\u662f\u4e00\u5957\u4f7f\u7528\u5728\u8fd9\u4e2a\u4ea7\u54c1\u4e2d\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco AsyncOS for Web Security Applianc\u5b58\u5728\u8fdc\u7a0b\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u5e76\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u5bfc\u81f4\u8fdb\u4e00\u6b65\u653b\u51fb\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-03307",
  "openTime": "2017-03-24",
  "patchDescription": "Cisco AsyncOS for Web Security Appliance\uff08WSA\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\uff0c\u5b83\u662f\u4e00\u5957\u7f51\u7edc\u5b89\u5168\u8bbe\u5907\u3002Cisco AsyncOS\u662f\u4e00\u5957\u4f7f\u7528\u5728\u8fd9\u4e2a\u4ea7\u54c1\u4e2d\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco AsyncOS for Web Security Applianc\u5b58\u5728\u8fdc\u7a0b\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u5e76\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\uff0c\u5bfc\u81f4\u8fdb\u4e00\u6b65\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco AsyncOS\u8fdc\u7a0b\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2017-03307\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Web Security Appliance (WSA)",
      "Cisco AsyncOS Software 0"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/96907",
  "serverity": "\u4e2d",
  "submitTime": "2017-03-16",
  "title": "Cisco AsyncOS\u8fdc\u7a0b\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2017-03307\uff09"
}

GHSA-CX22-CJ62-6F44

Vulnerability from github – Published: 2022-05-17 02:30 – Updated: 2022-05-17 02:30

Details

Severity ?

5.8 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-3870"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-17T22:59:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010.",
  "id": "GHSA-cx22-cj62-6f44",
  "modified": "2022-05-17T02:30:12Z",
  "published": "2022-05-17T02:30:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3870"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96907"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038043"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201703-0883

Vulnerability from variot - Updated: 2025-04-20 23:37

A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010. CiscoAsyncOSforWebSecurityAppliance (WSA) is a product of Cisco Systems, Inc., which is a network security device. Cisco AsyncOS is a set of operating systems used in this product. A remote security bypass vulnerability exists in CiscoAsyncOS forWebSecurityApplianc. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized actions, resulting in further attacks. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCvc69700. The vulnerability stems from the fact that the program does not fully authenticate user requests

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201703-0883",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "9.1.2-010"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.5.3-069"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "9.1.1-074"
      },
      {
        "model": "asyncos software",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "web security the appliance software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.5.3-069"
      },
      {
        "model": "web security the appliance software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "9.1.1-074"
      },
      {
        "model": "web security the appliance software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "9.1.2-010"
      },
      {
        "model": "web security appliance",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "BID",
        "id": "96907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:web_security_appliance",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "96907"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-3870",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-3870",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-03307",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-112073",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-3870",
            "impactScore": 1.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-3870",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-3870",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-03307",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-682",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-112073",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010. CiscoAsyncOSforWebSecurityAppliance (WSA) is a product of Cisco Systems, Inc., which is a network security device. Cisco AsyncOS is a set of operating systems used in this product. A remote security bypass vulnerability exists in CiscoAsyncOS forWebSecurityApplianc. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized actions, resulting in further attacks. This may aid in further attacks. \nThis issue is tracked by Cisco Bug ID CSCvc69700. The vulnerability stems from the fact that the program does not fully authenticate user requests",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "BID",
        "id": "96907"
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-3870",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "96907",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1038043",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "db": "BID",
        "id": "96907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "id": "VAR-201703-0883",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      }
    ],
    "trust": 1.2985804399999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:37:58.291000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20170315-wsa",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa"
      },
      {
        "title": "Patch for CiscoAsyncOS Remote Security Bypass Vulnerability (CNVD-2017-03307)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/90862"
      },
      {
        "title": "Cisco Web Security Appliance AsyncOS Software Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68524"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/96907"
      },
      {
        "trust": 2.0,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170315-wsa"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1038043"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3870"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-3870"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "db": "BID",
        "id": "96907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "db": "BID",
        "id": "96907"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "date": "2017-03-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "date": "2017-03-15T00:00:00",
        "db": "BID",
        "id": "96907"
      },
      {
        "date": "2017-04-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "date": "2017-03-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "date": "2017-03-17T22:59:00.343000",
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-03307"
      },
      {
        "date": "2017-07-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-112073"
      },
      {
        "date": "2017-03-16T00:03:00",
        "db": "BID",
        "id": "96907"
      },
      {
        "date": "2017-04-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      },
      {
        "date": "2017-03-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-3870"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Web Security Appliance of  Cisco AsyncOS Software  URL Already set in the filtering function  URL Vulnerabilities that bypass filter rules",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002483"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-682"
      }
    ],
    "trust": 0.6
  }
}

GSD-2017-3870

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-3870

Aliases

CVE-2017-3870

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-3870",
    "description": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010.",
    "id": "GSD-2017-3870"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-3870"
      ],
      "details": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010.",
      "id": "GSD-2017-3870",
      "modified": "2023-12-13T01:21:16.564995Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2017-3870",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Web Security Appliance",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cisco Web Security Appliance"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "URL Filtering Bypass Vulnerability"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa",
            "refsource": "CONFIRM",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa"
          },
          {
            "name": "96907",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96907"
          },
          {
            "name": "1038043",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038043"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:8.5.3-069:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.1-074:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-010:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-3870"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa"
            },
            {
              "name": "96907",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/96907"
            },
            {
              "name": "1038043",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1038043"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2017-07-12T01:29Z",
      "publishedDate": "2017-03-17T22:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-3870 (GCVE-0-2017-3870)

FKIE_CVE-2017-3870

CNVD-2017-03307

GHSA-CX22-CJ62-6F44

VAR-201703-0883

GSD-2017-3870

Tags

Sightings

Nomenclature