CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3818

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. More Information: CSCvb65245. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 9.8.0-092.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.4%

CVSS Severity

CVSS v3 Score 5.8

CVSS v2 Score 5.0

References

Products affected by CVE-2017-3818

Cisco » Email Security Appliance Firmware » Version: 9.7.1-066

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.1-066

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3818

Products

Pricing

Contact Us