CVE-2018-15460

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) (affected versions not specified)

Description The issue is related to insufficient input processing in the email message filtering feature, which could allow a remote attacker to cause a denial of service (DoS) condition by sending a specially crafted email message. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this by sending a malicious email message with a large number of whitelisted URLs, potentially causing a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.