CVE-2015-4278

Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.

Published: Jul 16, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-4278
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / email_security_appliance_firmware	8.5.6-106	8.5.6-106.x
cisco / email_security_appliance_firmware	9.5.0-201	9.5.0-201.x

http://tools.cisco.com/security/center/viewAlert.x?alertId=39940
http://www.securitytracker.com/id/1032961

Vulnerability Database

289,697

CVE-2015-4278