CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-1844

A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device. The vulnerability is due to improper detection of certain content sent to an affected device. An attacker could exploit this vulnerability by sending certain file types without Content-Disposition information to an affected device. A successful exploit could allow an attacker to send messages that contain malicious content to users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/108149
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-esa-bypass
http://www.securityfocus.com/bid/108149
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-esa-bypass

Products affected by CVE-2019-1844

Cisco » Email Security Appliance » Version: 11.1.0-131

cpe:2.3:a:cisco:email_security_appliance:11.1.0-131

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1844

Products

Pricing

Contact Us