Vulnerability in Cisco Asyncos
CVE-2015-0605
The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug…
EPSS: 0.006 (69.4th percentile) — read the EPSS interpretation.
Affected products
- Cisco Asyncos
- Cisco Email_security_appliance_firmware
- N/a — versions n/a
Weakness classification (CWE)
References
- 72528 (vdb-entry, x_refsource_BID)
- 62829 (x_refsource_SECUNIA, third-party-advisory)
- 20150206 Cisco AsyncOS Software Uuencoded Email Filtering Bypass Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- cisco-asyncos-cve20150605-sec-bypass(100695) (vdb-entry, x_refsource_XF)