Cisco Web Security Appliance AMP文件绕过漏洞(CVE-2017-12303)
受影响系统:
Cisco Web Security Appliance
描述:CVE(CAN) ID: CVE-2017-12303
Cisco AsyncOS操作系统是可以提升思科电子邮件安全设备的安全和性能。
Cisco AsyncOS Software for Cisco Web Security Appliance (WSA)的高级恶意软件保护(AMP)文件过滤存在安全漏洞,可使未经身份验证的远程攻击者绕过配置的AMP文件过滤规则。
<*来源:Cisco
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-wsa
*>
建议:厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20171115-wsa)以及相应补丁:
cisco-sa-20171115-wsa:Cisco Web Security Appliance Advanced Malware Protection File Bypass Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-wsa