Vulnerabilities > Cisco > Email Security Appliance Firmware > 9.7.1.066

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2017-6671 Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 10.0.1087/9.7.1066
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter.
network
low complexity
cisco CWE-20
5.0
5.0
2017-02-03 CVE-2017-3818 Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware 9.7.1066
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass.
network
low complexity
cisco CWE-20
5.0
5.0
2016-11-19 CVE-2016-6458 Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device.
network
low complexity
cisco CWE-20
5.0
5.0