Advisory ID: CISCO-SA-20141223-CVE-2014-8016 (Cisco)

Cisco IronPort ESA Subject Header Length Denial of Service Vulnerability

Published: 2014-12-23 21:04:34
Source: tools.cisco.com

CVSS2: 5 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

EPSS: 0.002 (Percentile: 56.2%)

A vulnerability in Subject header length processing on Cisco IronPort Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a limited denial of service (DoS) condition on an affected platform.

The vulnerability occurs because the appliance does not limit the length of Subject headers sent through the appliance. An attacker could exploit this vulnerability by sending multiple crafted messages across the appliance, resulting in high CPU utilization. Continued high CPU utilization may cause a DoS condition on the platform.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

If attackers successfully cause a DoS condition on an affected device, processing of incoming email may stop, impacting internal email users.
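
The root cause above is a missing length limit on Subject headers. The following is an added example, not code from Cisco or from the advisory: a check that a mail gateway in front of the appliance could apply, measuring the raw size of each Subject header (folded continuation lines included) without parsing the body. The 2048-byte limit and the sample messages are assumptions constructed for illustration.

```python
from __future__ import annotations

# Assumed policy value: the advisory gives no threshold, tune to local policy.
MAX_SUBJECT_BYTES = 2048


def subject_sizes(raw: bytes) -> list[int]:
    """Byte length of each Subject header value, folded lines included."""
    sizes: list[int] = []
    in_subject = False
    for line in raw.splitlines():
        if not line:                       # blank line ends the header section
            break
        if line[:1] in (b" ", b"\t"):      # folded continuation line
            if in_subject:
                sizes[-1] += len(line)
            continue
        name, sep, value = line.partition(b":")
        in_subject = bool(sep) and name.strip().lower() == b"subject"
        if in_subject:
            sizes.append(len(value))
    return sizes


def verdict(raw: bytes, limit: int = MAX_SUBJECT_BYTES) -> str:
    """'reject' when any Subject header exceeds the limit, else 'accept'."""
    return "reject" if any(n > limit for n in subject_sizes(raw)) else "accept"


# Constructed sample messages (not taken from the advisory).
NORMAL = b"From: a@example.com\r\nSubject: hello\r\n\r\nbody text\r\n"
FOLDED = (b"From: a@example.com\r\nSubject: x\r\n " + b"A" * 3000 +
          b"\r\nTo: b@example.com\r\n\r\nbody\r\n")

if __name__ == "__main__":
    for label, msg in (("normal", NORMAL), ("folded", FOLDED)):
        print(label, subject_sizes(msg), verdict(msg))
```

Counting folded lines matters because a header that stays under the per-line limit can still be arbitrarily long once its continuation lines are joined.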

Affected configurations

Vendor: cisco
Product: ironport_email_security_appliance
Version: any
CPE: cpe:2.3:a:cisco:ironport_email_security_appliance:any:*:*:*:*:*:*:*
