CVE-2021-34741 – Cisco Email Security Appliance Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2021-34741

04 Nov 2021 — A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack against an affected device. This vulnerability is due to insufficient input validation of incoming emails. An attacker could exploit this vulnerability by sending a crafted email through Cisco ESA. A successful exploit could allow the attacker to exhaust all the available CPU resources on an affected dev... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-JOm9ETfO • CWE-770: Allocation of Resources Without Limits or Throttling •