CVE-2017-6671

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:email_security_appliance_firmware:9.7.1-066:*:*:*:*:*:*:*
cpe:2.3:a:cisco:email_security_appliance_firmware:10.0.1-087:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-13 06:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-6671

Mitre link : CVE-2017-6671

CVE.ORG link : CVE-2017-6671


JSON object : View

Products Affected

cisco

  • email_security_appliance_firmware
CWE
CWE-20

Improper Input Validation