Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
low complexity
cisco
nessus
Published: 2017-11-30
Updated: 2019-10-09
Summary
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass configured user filters to drop the email. The malformed MIME headers may not be RFC compliant. However, some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device. Cisco Bug IDs: CSCvf44666.
Vulnerable Configurations
| Part | Description | Count |
| OS | Cisco | 1 |
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20171129-ESA.NASL |
| description | According to its self-reported version, the Cisco Email Security Appliance (ESA) is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 105257 |
| published | 2017-12-14 |
| reporter | This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/105257 |
| title | Cisco Email Security Appliance Filter Bypass Vulnerability |