Preview Tool

Cisco Bug: CSCun73713 - ENH: ESA mailconfig option to send configurations via CRES

Last Modified

Feb 26, 2019

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases


Description (partial)

client risks his email security by sending configs over plain text smtp 25 over the internet

mailconfig not integrated with CRES even if the Ironport Email Encryption License is valid on the appliance: 
IronPort Email Encryption           1          Active     88 days     Tue Jun 10 18:16:43 2014

The only security mechanism still requires awareness of the implied security risk by the administrator. He can send to any email address on the internet. 

Even in best case scenario:
Client enters his email address, message communicated to his SMTP route, hopefully TLS enabled but there is still danger in sending it plain text to any other domain on the internet, exposing the configuration to sniffing / interception.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.