Cisco Email Security Appliance MP3 Content Filter Bypass Vulnerability

A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device.

The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending … Read More here

Source:: Cisco Security Advisories