Cisco advisory CISCO-SA-20171129-ESA
History: Nov 29, 2017 - 4:00 p.m.

Cisco Email Security Appliance Header Bypass Vulnerability

2017-11-29 16:00:00
tools.cisco.com

EPSS: 0.002 (percentile: 52.6%)

A vulnerability in the Simple Mail Transfer Protocol (SMTP) header filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.

The vulnerability is due to improper handling of a malformed SMTP header in an email received on an affected device. An attacker could exploit this vulnerability by sending an email containing a crafted SMTP header. A successful exploit could allow the attacker to bypass the configured ESA content filtering mechanisms, allowing some email clients to display the malformed header information from the email message.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-esa

Affected configurations

Vulners

Node: cisco email_security_appliance (match: any) OR cisco email_security_appliance (match: any)

Vendor: cisco
Product: email_security_appliance
Version: any
CPE: cpe:2.3:h:cisco:email_security_appliance:any:*:*:*:*:*:*:*
