Cisco has released security updates to address vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability cisco-sa-20190109-esa-dos
- Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability cisco-sa-20190109-esa-url-dos