#VU71330 Security features bypass in Cisco Email Security Appliance
Vulnerability identifier: #VU71330
Vulnerability risk: Medium
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-254
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco Email Security Appliance
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to bypass URL filtering.
The vulnerability exists due to improper processing of URLs. A remote attacker can bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco Email Security Appliance: All versions
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb58117
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
