Wednesday, December 7, 2016

Cisco Security Appliances AsyncOS Software Update Server Certificate Validation Vulnerability

A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server.

The vulnerability is due to a lack of certificate validation during the HTTPS connection toward the repository from which the update manifests are retrieved. An attacker could exploit this vulnerability by performing a man-in-the-middle attack (such as DNS hijacking) and impersonating the update server.
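As an added illustration (not code from Cisco or from this advisory), the following Python snippet puts the failure mode the advisory describes next to its hardened form: an HTTPS client context that never checks the server's certificate chain or hostname will accept any host a DNS hijack steers it to, whereas a context with chain verification and hostname checking rejects the impostor. The update host and manifest path are hypothetical placeholders, and `audit_context` is a small review helper to flag the weak settings in a client context.

```python
import ssl
import urllib.request
from typing import List, Optional

# Hypothetical update-server host and manifest path (constructed placeholders,
# not the real AsyncOS update infrastructure).
UPDATE_HOST = "updates.example.com"
MANIFEST_PATH = "/asyncos/manifest.xml"


def insecure_context() -> ssl.SSLContext:
    """The class of defect the advisory describes: TLS is negotiated, but the
    peer's certificate chain and hostname are never validated, so a server
    reached via DNS hijacking is accepted as the genuine update repository."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """Verify the chain against trusted CAs and require the certificate to
    match the expected hostname. Passing a private CA bundle limits trust to
    the vendor's own CA rather than every public root."""
    ctx = ssl.create_default_context(cafile=ca_bundle)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the findings a reviewer would raise against a client context.
    An empty list means both chain verification and hostname checking are on."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain not verified (verify_mode != CERT_REQUIRED)")
    if not ctx.check_hostname:
        findings.append("hostname not checked against certificate (check_hostname=False)")
    return findings


def fetch_manifest(ctx: ssl.SSLContext, host: str = UPDATE_HOST,
                   path: str = MANIFEST_PATH, timeout: int = 10) -> bytes:
    """Retrieve the update manifest over HTTPS using the supplied context.
    With hardened_context(), a server presenting a certificate that does not
    chain to a trusted CA or does not match `host` raises ssl.SSLError."""
    url = f"https://{host}{path}"
    with urllib.request.urlopen(url, context=ctx, timeout=timeout) as resp:
        return resp.read()


if __name__ == "__main__":
    # Offline demonstration: only the contexts are inspected, no connection is made.
    for name, ctx in (("insecure", insecure_context()), ("hardened", hardened_context())):
        print(name, audit_context(ctx) or "OK")
```

Running the module prints two findings for the insecure context and `OK` for the hardened one; `fetch_manifest(hardened_context())` is what an update client should call, and the `ssl.SSLError` it raises on a mismatched certificate is the signal to log and alert on rather than suppress.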

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2hgMxoC
Security Impact Rating: Medium
CVE: CVE-2016-1411

from Cisco Security Advisory http://ift.tt/2hgMxoC
