PT-2016-6930 · Cisco · Cisco Email Security Appliances+1

Published: 2016-11-19 · Updated: 2017-07-29 · CVE-2016-6458

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Email Security Appliances versions prior to the first fixed release

Description

A vulnerability in the content filtering functionality could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device, potentially causing email that should have been filtered to be forwarded instead. This issue affects devices configured to use a content filter for email attachments that are protected or encrypted.

Recommendations

For versions prior to the first fixed release, update to the first fixed release of Cisco AsyncOS Software to resolve the issue. As a temporary workaround, consider disabling the content filtering functionality for email attachments that are protected or encrypted until a patch is available. Restrict access to the content filtering module to minimize the risk of exploitation.

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2016-6458

Affected Products

Cisco AsyncOS
Cisco Email Security Appliances