Cisco Bug: CSCvh74835 - Wrong header processing method allow to manipulate FED score - part 1
Apr 30, 2019
- Cisco Email Security Appliance
Known Affected Releases
11.0.0-264 11.0.0-274 11.1.0-043
Symptom: The reliability of FED function highly depends on the data we compare with the pattern. The data is retrieved from the From header-value, where the pattern is defined manually in a dictionary. Certain types of headers can be erronously parsed causing the FED to return a score lower than expected. This defect covers the RFC-compliant headers which might cause an issue with the parser. Conditions: FED configured on an Email Security Appliance running an affected version.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases