CVE-2015-4278

Cisco Email Security Appliance Firmware 8.5.6-106 and 9.5.0-201 - Denial of Service via Malformed DMARC DNS TXT Record

Title source: llm
STIX 2.1

Description

Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=39940
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032961

Scores

EPSS 0.0153
EPSS Percentile 71.8%

Details

CWE
CWE-20
Status published
Products (2)
cisco/email_security_appliance_firmware 8.5.6-106
cisco/email_security_appliance_firmware 9.5.0-201
Published Jul 16, 2015
Tracked Since Feb 18, 2026