Preview Tool

Cisco Bug: CSCvh74974 - Wrong header processing method allow to manipulate FED score - part 2

Last Modified

Sep 23, 2019

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

11.0.0-264 11.0.0-274 11.1.0-043

Description (partial)

The reliability of FED function highly depends on the data we compare with the pattern. 
The data is retrieved from the From header-value, where the pattern is defined manually in a dictionary.
Certain types of headers can be erroneously parsed causing the FED to return a score lower than expected. 

This defect covers the non-RFC compliant headers which should be handled by the parser.

FED configured on an Email Security Appliance running an affected version.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.