Medium severity5.3NVD Advisory· Published Nov 16, 2017· Updated Jun 17, 2026
CVE-2017-12303
CVE-2017-12303
Description
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. The file types affected are zipped or archived file types. The vulnerability is due to incorrect and different file hash values when AMP scans the file. An attacker could exploit this vulnerability by sending a crafted email file attachment through the targeted device. An exploit could allow the attacker to bypass a configured AMP file filter. Cisco Bug IDs: CSCvf52943.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:o:cisco:asyncos:10.1.1-234:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:cisco:asyncos:10.1.1-234:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:asyncos:10.1.1-235:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/101932nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039828nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-wsanvdVendor Advisory
News mentions
0No linked articles in our index yet.