Cisco Bug: CSCun73713 - ENH: ESA mailconfig option to send configurations via CRES
Feb 26, 2019
- Cisco Email Security Appliance
Known Affected Releases
Symptom: client risks his email security by sending configs over plain text smtp 25 over the internet mailconfig not integrated with CRES even if the Ironport Email Encryption License is valid on the appliance: IronPort Email Encryption 1 Active 88 days Tue Jun 10 18:16:43 2014 Conditions: The only security mechanism still requires awareness of the implied security risk by the administrator. He can send to any email address on the internet. Even in best case scenario: Client enters his email address, message communicated to his SMTP route, hopefully TLS enabled but there is still danger in sending it plain text to any other domain on the internet, exposing the configuration to sniffing / interception.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases