Cisco Email Security Appliance Content Filter Bypass Vulnerability (cisco-sa-20190703-esa-filterpass)
Medium
Nessus Plugin ID 128034

Synopsis
The remote device is missing a vendor-supplied security patch.

Description
According to its self-reported version, Cisco Email Security Appliance (ESA) is affected by a vulnerability in the email message scanning of Cisco AsyncOS Software due to improper input validation of certain email fields. An unauthenticated, remote attacker can exploit this vulnerability by sending a crafted email message to a recipient protected by the ESA. A successful exploit allows the attacker to bypass configured message filters and inject arbitrary scripting code inside the email body. The malicious code is not executed by default unless the recipient's email client is configured to execute scripts contained in emails.
Please see the included Cisco BID and Cisco Security Advisory for more information.

Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvo55451.