CVE-2021-1534

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS for Cisco Email Security Appliance (affected versions not specified)

Description The issue exists due to insufficient input validation and improper processing of URLs in the antispam protection mechanisms. An unauthenticated, remote attacker could exploit this by crafting a URL in a particular way, allowing them to bypass the URL reputation filters on an affected device. This could enable malicious URLs to pass through the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.