CVE-2021-1566

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) (affected versions not specified)

Description A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This issue is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this by sending a crafted TLS packet to an affected device, potentially allowing the attacker to spoof a trusted host, extract sensitive information, or alter certain API requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.