漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Cisco Email Security Appliance URL Filtering Bypass Vulnerability
漏洞信息
A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and validation checking mechanisms for certain Sender Policy Framework (SPF) messages that are sent to an affected device. An attacker could exploit this vulnerability by sending a customized SPF packet to an affected device. If successful, an exploit could allow the attacker to bypass the URL filters that are configured for the affected device, which could allow malicious URLs to pass through the device.
漏洞信息
N/A
漏洞
访问控制不恰当
漏洞
Cisco Email Security Appliance AsyncOS Software 访问控制错误漏洞
漏洞信息
Cisco Email Security Appliance(ESA)是美国思科(Cisco)公司的一套电子邮件安全设备。该设备提供垃圾邮件保护、邮件加密、数据丢失防护等功能。AsyncOS Software是一套使用在其中的操作系统。 Cisco ESA的AsyncOS Software中的反垃圾邮件保护机制存在访问控制错误漏洞,该漏洞源于不完整的输入验证检测机制(用于检测Sender Policy Framework消息)。远程攻击者可通过发送自定义的SPF数据包利用该漏洞绕过设备所配置的URL过滤器
漏洞信息
N/A
漏洞
N/A