CVE-2017-6671
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020 9.8.1-015.
Una vulnerabilidad en el escaneo de mensajes de correo electrónico de Cisco AsyncOS Software para Cisco Email Security Appliance (ESA) podría permitir a un atacante remoto no autenticado omitir los filtros configurados en el dispositivo, como lo demuestra el Attachment Filter. Más información: CSCvd34632. Versiones afectadas conocidas: 10.0.1-087 y 9.7.1-066. Versiones solucionadas conocidas: 10.0.2-020 y 9.8.1-015
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-06-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/98969 | Third Party Advisory | |
http://www.securitytracker.com/id/1038635 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esa1 | 2017-11-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.7.1-066 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.7.1-066" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 10.0.1-087 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "10.0.1-087" | - |
Affected
|