Bypassing Drop Filter in Cisco Email Security Appliance

Bypassing Drop Filter in Cisco Email Security Appliance

CVE-2016-6357 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass a configured drop filter by using an email with a corrupted attachment. More Information: CSCuz01651. Known Affected Releases: 10.0.9-015 9.7.1-066 9.9.6-026.

Learn more about our Cis Benchmark Audit For Cisco.