Executive Summary

Title Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability
Name cisco-sa-20151104-esa2 First vendor Publication 2015-11-04
Vendor Cisco Last vendor Modification 2015-11-04
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the email message filtering feature of Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an ESA device to become unavailable due to a denial of service (DoS) condition.

The vulnerability is due to improper input validation when an email attachment contains corrupted fields and is filtered by the ESA. An attacker could exploit this vulnerability by sending a crafted email with an attachment to the ESA. A successful exploit could allow the attacker to cause a DoS condition. While the attachment is being filtered, memory is consumed at at high rate until the filtering process restarts. When the process restarts, it will resume processing the same malformed attachment and the DoS condition will continue. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

This advisory is available at the following link:


BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVjU+vYpI1I6i1Mx3AQI3Lg//UM5v2fIxL1lNXJ+jL4Gt90DoB2nATquF YWyBxvmEzoVEy8v4YlL9TP09lc/jZEVhVTP4GbK8nplCrNP/Ah+NOfXzTF7bt/er ye+WWLIOex8W6+YAalLheIhAosCCGCJLQ4nwsTCSymYqBBI6QOEJYgoLxSwUOvVs zjM+UOA8pLnRiyTHpgWtsj/sLUUZ5IItM9/RrfZ34lMlRXlydJFObGlT5fsUcWxg YWAja2jNqp2mUv0Q6MabOku23SW7tBCIkYF2VYVaZ11Sf0gFMqBeNHnRk0pz56Ok 8lzpZSXjl+wZV8UtTyZksTkrXSUYzu5OmkDHaC3QOlcJmAm1rLIE+F6PSdh0hDuI 1yfivRv8JsKZO18IN86lZLYR7ath76WqWLiQzy6/VSfkfBWBdFRE8dzObN7jzt/V rKHlI30AbA38HqkI+H3DwTLPlGABXN43kk6H+Bg8eUPKuH+7hUZfZL5J7qlM7xIe J5mNiHW2dQz2/2N6fhxjtkfr0bbl6jztLGlXh+Z6iJmAEcxUStTqlm18rHQ3aL34 rGif+IDd0eCHUQtm1eEXiO4v3paKHE0VDko6gSd3fojLQ1HDN3Wf4PovfOYGphRI x4vy5cK3gqK55OkZMuhoRz1F10njVfwA1wdvsw7SSiZ2NHsR8BRa454Fr5DTiM5k LvbY0kRKk88= =gFEa END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

Application 16

Nessus® Vulnerability Scanner

Date Description
2015-11-18 Name : The remote security appliance is missing a vendor-supplied security patch.
File : cisco-sa-20151104-aos_esa.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2015-11-19 13:25:08
  • Multiple Updates
2015-11-06 21:27:31
  • Multiple Updates
2015-11-04 21:17:51
  • First insertion