CVE CVE-2020-3133 Mappings

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit this vulnerability by sending a crafted email message to a recipient protected by the ESA. A successful exploit could allow the attacker to bypass the configured content filters, which could allow malicious content to pass through the device.


Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-3133 Cisco Email Security Appliance (ESA) primary_impact T1190 Exploit Public-Facing Application
CVE-2020-3133 Cisco Email Security Appliance (ESA) exploitation_technique T1566.001 Spearphishing Attachment