Denial of Service Vulnerability in Cisco Email Security Appliance and Content Security Management Appliance
CVE-2013-3386

Currently unrated

Key Information:

Vendor: Cisco
Status: Ironport Asyncos
Vendor: CVE Published:; 27 June 2013

Summary

The IronPort Spam Quarantine component of Cisco's AsyncOS has a vulnerability that enables remote attackers to exploit the system through a rapid succession of TCP connection attempts. This can lead to a denial of service, resulting in the affected devices, such as the Cisco Email Security Appliance and Content Security Management Appliance, crashing or hanging. Affected versions include those prior to 7.1.5-106 for AsyncOS and earlier than 7.9.1-102 for the Management Appliance. This flaw poses significant risks to organizations relying on these systems for email security.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 27, 2013