Lucene search

[email protected]NVD:CVE-2015-0605

HistoryFeb 07, 2015 - 4:59 a.m.

CVE-2015-0605

2015-02-0704:59:09

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.3%

JSON

The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug ID CSCzv54343.

Affected configurations

Nvd

Node

ciscoasyncosRange≤8.5

AND

ciscoemail_security_appliance_firmwareMatch-

VendorProductVersionCPE
ciscoasyncos*cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*
ciscoemail_security_appliance_firmware-cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asyncos	*	cpe:2.3:o:cisco:asyncos::::::::
cisco	email_security_appliance_firmware	-	cpe:2.3:o:cisco:email_security_appliance_firmware:-:::::::*

References

secunia.com/advisories/62829

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0605

tools.cisco.com/security/center/viewAlert.x?alertId=37384

www.securityfocus.com/bid/72528

exchange.xforce.ibmcloud.com/vulnerabilities/100695

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.3%

JSON

Related for NVD:CVE-2015-0605

cvelist1 cisco1 prion1 cve1