CVE-2018-0447
Summary
| CVE | CVE-2018-0447 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-10-05 14:29:00 UTC |
| Updated | 2019-10-09 23:32:00 UTC |
| Description | A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Email Security Appliance | - | All | All | All |
| Application | Cisco | Email Security Appliance | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Email Security Appliance Sender Policy Framework Message Processing Bug Lets Remote Users Bypass Security Restrictions on the Target System - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Cisco AsyncOS for Email Security Appliance CVE-2018-0447 Remote Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Cisco Email Security Appliance URL Filtering Bypass Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.