AI Score
Confidence
Low
EPSS
Percentile
58.8%
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934.
tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381
tools.cisco.com/security/center/viewAlert.x?alertId=36062