CVE-2024-10635

Name of the Vulnerable Software and Affected Versions Enterprise Protection (affected versions not specified)

Description The issue is related to an improper input validation vulnerability in the attachment defense of Enterprise Protection. This vulnerability allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.