CVE-2017-12353

Name of the Vulnerable Software and Affected Versions Cisco Email Security Appliances (ESA) (affected versions not specified)

Description A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner could allow an unauthenticated, remote attacker to bypass configured user filters on the device. This issue is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this by sending an email with a crafted MIME attachment, potentially allowing them to bypass filters and drop the email. The malformed MIME headers may not be RFC compliant, but some mail clients could still allow users to access the attachment, which may not have been properly filtered.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.