High severity7.5NVD Advisory· Published Aug 15, 2018· Updated Jun 17, 2026

CVE-2018-0419

Description

A vulnerability in certain attachment detection mechanisms of Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected system. The vulnerability is due to the improper detection of content within executable (EXE) files. An attacker could exploit this vulnerability by sending a customized EXE file that is not recognized and blocked by the ESA. A successful exploit could allow an attacker to send email messages that contain malicious executable files to unsuspecting users. Cisco Bug IDs: CSCvh03786.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Cisco Systems, Inc./Email Security Appliance Firmwarellm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/105112nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1041531nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-esa-file-bypassnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000