CVE-2019-1983

MEDIUM

Cisco Email Security Appliance DoS via Crafted Email Attachment

Description

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of email attachments. An attacker could exploit this vulnerability by sending an email message with a crafted attachment through an affected device. A successful exploit could allow the attacker to cause specific processes to crash repeatedly, resulting in the complete unavailability of both the Cisco Advanced Malware Protection (AMP) and message tracking features and in severe performance degradation while processing email. After the affected processes restart, the software resumes filtering for the same attachment, causing the affected processes to crash and restart again. A successful exploit could also allow the attacker to cause a repeated DoS condition. Manual intervention may be required to recover from this situation.

Scores

CVSS v3 5.3
EPSS 0.0186
EPSS Percentile 76.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (4)
cisco/asyncos < 11.0.1-161
cisco/content_security_management_appliance 11.4.0-812
cisco/email_security_appliance 11.0.1-hp5-602
cisco/email_security_appliance 11.1.0-404
Published Sep 23, 2020
Tracked Since Feb 18, 2026