CVE-2015-4278
Cisco Email Security Appliance Firmware 8.5.6-106 and 9.5.0-201 - Denial of Service via Malformed DMARC DNS TXT Record
Title source: llmDescription
Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=39940
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032961
Scores
EPSS
0.0153
EPSS Percentile
71.8%
Details
CWE
CWE-20
Status
published
Products (2)
cisco/email_security_appliance_firmware
8.5.6-106
cisco/email_security_appliance_firmware
9.5.0-201
Published
Jul 16, 2015
Tracked Since
Feb 18, 2026