CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6671
https://notcve.org/view.php?id=CVE-2017-6671
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015. Una vulnerabilidad en el escaneo de mensajes de correo electrónico de Cisco AsyncOS Software para Cisco Email Security Appliance (ESA) podría permitir a un atacante remoto no autenticado omitir los filtros configurados en el dispositivo, como lo demuestra el Attachment Filter. • http://www.securityfocus.com/bid/98969 http://www.securitytracker.com/id/1038635 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esa1 • CWE-20: Improper Input Validation •