January 9th 2019, By Lindsey O'Donnell
A remote attacker could exploit the vulnerability simply by sending an email.
Cisco has patched two serious vulnerabilities – one critical and one high-severity – in its email security appliance tool. Both bugs ultimately lead to a denial of service (DoS) on impacted devices – and can be exploited by an attacker who simply sends an email.
Overall, the company on Wednesday released 18 fixes
for vulnerabilities spanning its products, including one critical, one high- and 16 medium-severity bugs. The most severe of these, a critical vulnerability (CVE-2018-15453), has a CVSS score of 8.6 and could ultimately lead to “permanent DoS” on impacted devices.