SB2018081613 - Security restrictions bypass in Cisco Email Security Appliance
Published: August 16, 2018
Security Bulletin ID
SB2018081613
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Security restrictions bypass (CVE-ID: CVE-2018-0419)
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists in certain attachment detection mechanisms of Cisco Email Security Appliances (ESA) due to improper detection of content within executable (EXE) files. A remote attacker can send a customized EXE file that is not recognized and blocked by the ESA., bypass the filtering functionality and send email messages that contain malicious executable files to unsuspecting users.
Remediation
Install update from vendor's website.