JVN#58574030
Scanning evasion issue in Cisco Secure Email Gateway
Overview
Cisco Secure Email Gateway provided by Cisco Systems may fail to detect specially crafted files.
Products Affected
- Cisco Secure Email Gateway versions prior to 15.5
Description
Cisco Secure Email Gateway provides anti-virus scanning facility for e-mail attachments.
It was reported that a certain crafted file can evade anti-virus scanning facility.
Impact
Some malicious contents may evade the scanning facility of the affected product and reach victim recipients.
Solution
Update the software
The developer states version 15.5 that contains a fix for this issue is scheduled to be released at the end of January 2024.
This issue is resolved by updating the file scanning rules with an update.
For more information, refer to the information provided by the developer.
Vendor Status
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
This issue was found by Takahiro Ohtani and Michael Joshua Telloyan in the Bug Bounty program at the University of Electro-Communications.
They then reported it to IPA, and JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
|
| JVN iPedia |
JVNDB-2023-000100 |
Update History
- 2023/10/18
- Information under the section [Vendor Status] was updated.
- 2023/10/27
- Information under the section [Solution] was updated.