CVE-2017-3800

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS Software for Cisco Email Security Appliances versions prior to 10.0.1-083

Description A vulnerability in the content scanning engine could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. This issue affects devices configured to apply a message filter or content filter to incoming email attachments, and it is not limited to any specific rules or actions for a message filter or content filter.

Recommendations For versions prior to 10.0.1-083, update to a fixed release, such as 10.0.1-083 or later, to resolve the issue. As a temporary workaround, consider restricting the application of message filters or content filters to incoming email attachments until a patch is available.