5
CVE-2015-4184
- EPSS 0.58%
- Published 13.06.2015 10:59:00
- Last modified 12.04.2025 10:46:40
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Email Security Appliance Version3.331-09
Cisco ≫ Email Security Appliance Version7.5.1-gpl-022
Cisco ≫ Email Security Appliance Version8.5.6-074
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.58% | 0.678 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.