it.ucsf.edu

Security Update:Cisco has released security updates to address CRITICAL and HIGH vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance

Status Type

Security Update

Date and Time

Wednesday, January 9, 2019 - 14:25

Reason

Security update

Impact

Cisco users

WHAT HAPPENED

Cisco has released security updates to address CRITICALand HIGHvulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance.

 

Advanced Users: For a complete description of the vulnerabilities and effected systems, visit:

 

AFFECTED SYSTEM - Versions:

  • All software versions prior to the first fixed release ofCisco AsyncOS Software for Cisco Email Security Appliance (ESA), both virtual and hardware appliances, if the software is configured for S/MIME Decryption and Verification or S/MIME Public Key Harvesting
  • All software versions prior to the first fixed release of Cisco AsyncOS Software for Cisco ESAs, both virtual and hardware, if the URL Filtering as Global Setting feature is enabled and a URL whitelist is in use

 

WHAT’S THE PROBLEM?

A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

 

WHAT DO I NEED TO DO?

Users and administrators are encouraged to go to the link listed above and review the Cisco Security Advisory.

 

RELATED LINKS