Cisco Bug: CSCvh74835 - Wrong header processing method allow to manipulate FED score - part 1

Last Modified

Apr 30, 2019

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

  • 11.0.0-264
  • 11.0.0-274
  • 11.1.0-043

Description (partial)

Symptom:
The reliability of the Forged Email Detection (FED) function depends heavily on the data that is compared with the pattern.
The data is retrieved from the From header value, while the pattern is defined manually in a dictionary.
Certain types of headers can be erroneously parsed, causing FED to return a lower score than expected.

This defect covers RFC-compliant headers that might cause an issue with the parser.

Conditions:
FED configured on an Email Security Appliance running an affected version.

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.