Cisco Email Security Appliance Quarantine Email Rendering Vulnerability

A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack.

The vulnerability is due to malformed HTML script tags in quarantined email messages. An attacker could exploit this vulnerability by sending a crafted email message to the affected device. An exploit could allow the attacker to trick a user who views the MIQ email message into clicking a malicious link.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa4[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa4”]