CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12706

A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages. An attacker could exploit this vulnerability by sending a custom SPF packet to an affected device. A successful exploit could allow the attacker to bypass the configured header filters, which could allow malicious content to pass through the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.7%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 5.0

References

Products affected by CVE-2019-12706

Cisco » Email Security Appliance Firmware » Version: N/A

cpe:2.3:o:cisco:email_security_appliance_firmware:-
Cisco » Email Security Appliance Firmware » Version: 10.0

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0
Cisco » Email Security Appliance Firmware » Version: 10.0.0-082

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-082
Cisco » Email Security Appliance Firmware » Version: 10.0.0-124

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-124
Cisco » Email Security Appliance Firmware » Version: 10.0.0-125

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-125
Cisco » Email Security Appliance Firmware » Version: 10.0.0-203

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-203
Cisco » Email Security Appliance Firmware » Version: 10.0.0-232

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-232
Cisco » Email Security Appliance Firmware » Version: 10.0.1

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.1
Cisco » Email Security Appliance Firmware » Version: 10.0.1-087

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.1-087
Cisco » Email Security Appliance Firmware » Version: 10.0.1-103

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.1-103
Cisco » Email Security Appliance Firmware » Version: 10.0.2

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.2
Cisco » Email Security Appliance Firmware » Version: 10.0.2-020

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.2-020
Cisco » Email Security Appliance Firmware » Version: 10.0.3

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.3
Cisco » Email Security Appliance Firmware » Version: 10.0.3-004

cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.3-004
Cisco » Email Security Appliance Firmware » Version: 11.0

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0
Cisco » Email Security Appliance Firmware » Version: 11.0.0-105

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.0-105
Cisco » Email Security Appliance Firmware » Version: 11.0.0-264

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.0-264
Cisco » Email Security Appliance Firmware » Version: 11.0.0-274

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.0-274
Cisco » Email Security Appliance Firmware » Version: 11.0.1

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.1
Cisco » Email Security Appliance Firmware » Version: 11.0.1-027

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.1-027
Cisco » Email Security Appliance Firmware » Version: 11.0.1-401

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.1-401
Cisco » Email Security Appliance Firmware » Version: 11.0.2

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.2
Cisco » Email Security Appliance Firmware » Version: 11.0.3

cpe:2.3:o:cisco:email_security_appliance_firmware:11.0.3
Cisco » Email Security Appliance Firmware » Version: 11.1

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1
Cisco » Email Security Appliance Firmware » Version: 11.1.0-069

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.0-069
Cisco » Email Security Appliance Firmware » Version: 11.1.0-072

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.0-072
Cisco » Email Security Appliance Firmware » Version: 11.1.0-086

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.0-086
Cisco » Email Security Appliance Firmware » Version: 11.1.0-128

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.0-128
Cisco » Email Security Appliance Firmware » Version: 11.1.0-131

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.0-131
Cisco » Email Security Appliance Firmware » Version: 11.1.1-042

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.1-042
Cisco » Email Security Appliance Firmware » Version: 11.1.2

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2
Cisco » Email Security Appliance Firmware » Version: 11.1.2-023

cpe:2.3:o:cisco:email_security_appliance_firmware:11.1.2-023
Cisco » Email Security Appliance Firmware » Version: 11.5

cpe:2.3:o:cisco:email_security_appliance_firmware:11.5
Cisco » Email Security Appliance Firmware » Version: 12.0

cpe:2.3:o:cisco:email_security_appliance_firmware:12.0
Cisco » Email Security Appliance Firmware » Version: 12.1

cpe:2.3:o:cisco:email_security_appliance_firmware:12.1
Cisco » Email Security Appliance Firmware » Version: 12.5

cpe:2.3:o:cisco:email_security_appliance_firmware:12.5
Cisco » Email Security Appliance Firmware » Version: 12.5.0

cpe:2.3:o:cisco:email_security_appliance_firmware:12.5.0
Cisco » Email Security Appliance Firmware » Version: 13.0

cpe:2.3:o:cisco:email_security_appliance_firmware:13.0
Cisco » Email Security Appliance Firmware » Version: 3.3.1-09

cpe:2.3:o:cisco:email_security_appliance_firmware:3.3.1-09
Cisco » Email Security Appliance Firmware » Version: 7.1.0

cpe:2.3:o:cisco:email_security_appliance_firmware:7.1.0
Cisco » Email Security Appliance Firmware » Version: 7.1.1

cpe:2.3:o:cisco:email_security_appliance_firmware:7.1.1
Cisco » Email Security Appliance Firmware » Version: 7.1.2

cpe:2.3:o:cisco:email_security_appliance_firmware:7.1.2
Cisco » Email Security Appliance Firmware » Version: 7.1.3

cpe:2.3:o:cisco:email_security_appliance_firmware:7.1.3
Cisco » Email Security Appliance Firmware » Version: 7.1.4

cpe:2.3:o:cisco:email_security_appliance_firmware:7.1.4
Cisco » Email Security Appliance Firmware » Version: 7.1.5

cpe:2.3:o:cisco:email_security_appliance_firmware:7.1.5
Cisco » Email Security Appliance Firmware » Version: 7.3

cpe:2.3:o:cisco:email_security_appliance_firmware:7.3
Cisco » Email Security Appliance Firmware » Version: 7.3.0

cpe:2.3:o:cisco:email_security_appliance_firmware:7.3.0
Cisco » Email Security Appliance Firmware » Version: 7.3.1

cpe:2.3:o:cisco:email_security_appliance_firmware:7.3.1
Cisco » Email Security Appliance Firmware » Version: 7.3.2

cpe:2.3:o:cisco:email_security_appliance_firmware:7.3.2
Cisco » Email Security Appliance Firmware » Version: 7.5

cpe:2.3:o:cisco:email_security_appliance_firmware:7.5
Cisco » Email Security Appliance Firmware » Version: 7.5.0

cpe:2.3:o:cisco:email_security_appliance_firmware:7.5.0
Cisco » Email Security Appliance Firmware » Version: 7.5.1

cpe:2.3:o:cisco:email_security_appliance_firmware:7.5.1
Cisco » Email Security Appliance Firmware » Version: 7.5.2

cpe:2.3:o:cisco:email_security_appliance_firmware:7.5.2
Cisco » Email Security Appliance Firmware » Version: 7.5.2-201

cpe:2.3:o:cisco:email_security_appliance_firmware:7.5.2-201
Cisco » Email Security Appliance Firmware » Version: 7.6

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6
Cisco » Email Security Appliance Firmware » Version: 7.6.0

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6.0
Cisco » Email Security Appliance Firmware » Version: 7.6.1

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6.1
Cisco » Email Security Appliance Firmware » Version: 7.6.1-gpl-022

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6.1-gpl-022
Cisco » Email Security Appliance Firmware » Version: 7.6.2

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6.2
Cisco » Email Security Appliance Firmware » Version: 7.6.3

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6.3
Cisco » Email Security Appliance Firmware » Version: 7.6.3-025

cpe:2.3:o:cisco:email_security_appliance_firmware:7.6.3-025
Cisco » Email Security Appliance Firmware » Version: 7.8

cpe:2.3:o:cisco:email_security_appliance_firmware:7.8
Cisco » Email Security Appliance Firmware » Version: 7.8.0

cpe:2.3:o:cisco:email_security_appliance_firmware:7.8.0
Cisco » Email Security Appliance Firmware » Version: 8.0

cpe:2.3:o:cisco:email_security_appliance_firmware:8.0
Cisco » Email Security Appliance Firmware » Version: 8.0.1

cpe:2.3:o:cisco:email_security_appliance_firmware:8.0.1
Cisco » Email Security Appliance Firmware » Version: 8.0.2

cpe:2.3:o:cisco:email_security_appliance_firmware:8.0.2
Cisco » Email Security Appliance Firmware » Version: 8.5

cpe:2.3:o:cisco:email_security_appliance_firmware:8.5
Cisco » Email Security Appliance Firmware » Version: 8.5.6

cpe:2.3:o:cisco:email_security_appliance_firmware:8.5.6
Cisco » Email Security Appliance Firmware » Version: 8.5.6-073

cpe:2.3:o:cisco:email_security_appliance_firmware:8.5.6-073
Cisco » Email Security Appliance Firmware » Version: 8.5.6-106

cpe:2.3:o:cisco:email_security_appliance_firmware:8.5.6-106
Cisco » Email Security Appliance Firmware » Version: 8.5.6-113

cpe:2.3:o:cisco:email_security_appliance_firmware:8.5.6-113
Cisco » Email Security Appliance Firmware » Version: 8.5.7

cpe:2.3:o:cisco:email_security_appliance_firmware:8.5.7
Cisco » Email Security Appliance Firmware » Version: 9.0

cpe:2.3:o:cisco:email_security_appliance_firmware:9.0
Cisco » Email Security Appliance Firmware » Version: 9.0.0-461

cpe:2.3:o:cisco:email_security_appliance_firmware:9.0.0-461
Cisco » Email Security Appliance Firmware » Version: 9.1

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1
Cisco » Email Security Appliance Firmware » Version: 9.1.0-032

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.0-032
Cisco » Email Security Appliance Firmware » Version: 9.1.1

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.1
Cisco » Email Security Appliance Firmware » Version: 9.1.1-000

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.1-000
Cisco » Email Security Appliance Firmware » Version: 9.1.2

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.2
Cisco » Email Security Appliance Firmware » Version: 9.1.2-023

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.2-023
Cisco » Email Security Appliance Firmware » Version: 9.1.2-028

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.2-028
Cisco » Email Security Appliance Firmware » Version: 9.1.2-036

cpe:2.3:o:cisco:email_security_appliance_firmware:9.1.2-036
Cisco » Email Security Appliance Firmware » Version: 9.5

cpe:2.3:o:cisco:email_security_appliance_firmware:9.5
Cisco » Email Security Appliance Firmware » Version: 9.5.0-201

cpe:2.3:o:cisco:email_security_appliance_firmware:9.5.0-201
Cisco » Email Security Appliance Firmware » Version: 9.6.0

cpe:2.3:o:cisco:email_security_appliance_firmware:9.6.0
Cisco » Email Security Appliance Firmware » Version: 9.6.0-000

cpe:2.3:o:cisco:email_security_appliance_firmware:9.6.0-000
Cisco » Email Security Appliance Firmware » Version: 9.6.0-051

cpe:2.3:o:cisco:email_security_appliance_firmware:9.6.0-051
Cisco » Email Security Appliance Firmware » Version: 9.7

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7
Cisco » Email Security Appliance Firmware » Version: 9.7.0-125

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.0-125
Cisco » Email Security Appliance Firmware » Version: 9.7.0-782

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.0-782
Cisco » Email Security Appliance Firmware » Version: 9.7.1

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.1
Cisco » Email Security Appliance Firmware » Version: 9.7.1-06

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.1-06
Cisco » Email Security Appliance Firmware » Version: 9.7.1-066

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.1-066
Cisco » Email Security Appliance Firmware » Version: 9.7.2

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2
Cisco » Email Security Appliance Firmware » Version: 9.7.2-046

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2-046
Cisco » Email Security Appliance Firmware » Version: 9.7.2-047

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2-047
Cisco » Email Security Appliance Firmware » Version: 9.7.2-054

cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2-054
Cisco » Email Security Appliance Firmware » Version: 9.8

cpe:2.3:o:cisco:email_security_appliance_firmware:9.8
Cisco » Email Security Appliance Firmware » Version: 9.8.0-112

cpe:2.3:o:cisco:email_security_appliance_firmware:9.8.0-112
Cisco » Email Security Appliance Firmware » Version: 9.8.1

cpe:2.3:o:cisco:email_security_appliance_firmware:9.8.1
Cisco » Email Security Appliance Firmware » Version: 9.9.6-026

cpe:2.3:o:cisco:email_security_appliance_firmware:9.9.6-026
Cisco » Email Security Appliance Firmware » Version: 9.9.9-894

cpe:2.3:o:cisco:email_security_appliance_firmware:9.9.9-894
Cisco » Email Security Appliance Firmware » Version: 9.9_base

cpe:2.3:o:cisco:email_security_appliance_firmware:9.9_base

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12706

Products

Pricing

Contact Us