Cisco · Cisco Secure Email/Web Manager · CVE-2021-1561
**Name of the Vulnerable Software and Affected Versions**
Cisco Secure Email and Web Manager (affected versions not specified)
**Description**
A vulnerability in the spam quarantine feature could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This issue exists because access to the spam quarantine feature is not properly restricted. An attacker could exploit this by sending malicious requests to an affected system, potentially modifying another user's spam quarantine settings, disabling security controls, or viewing email messages stored on the spam quarantine interfaces.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.