CVE-2015-0605Cisco Asyncos vulnerability

CWE-2644 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 31.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Asyncos
Timeline
PublishedFeb 7
Latest updateMay 14

Description

The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug ID CSCzv54343.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDcisco/asyncos8.5

🔴Vulnerability Details

2
GHSA
GHSA-6554-9q2f-rxww: The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 82022-05-14
CVEList
CVE-2015-0605: The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 82015-02-07

📋Vendor Advisories

1
Cisco
Cisco AsyncOS Software Uuencoded Email Filtering Bypass Vulnerability2015-02-06
CVE-2015-0605 — Cisco Asyncos vulnerability | cvebase