Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
325
Views
0
Helpful
1
Replies

ESA - Ghostscript

Jens.Wall1
Level 1
Level 1

‎07-18-2023 01:39 AM

Hello, we are using Email Security C300V with ASyncOS 14.2. Currently, there is CVE-2023-36664. (CVE-2023-36664 (debian.org))

Does our Email Security utilize Ghostscript? Unfortunately, I couldn't find any reference to Ghostscript in the documentation for the open source programs, nor any indication of another PDF creator. (Open Source Used in AsyncOS 14.2 for Cisco Secure Email Gateway)

Best regards, Jens

Labels:
0 Helpful
1 Reply 1

amojarra
Cisco Employee
Cisco Employee

‎07-21-2023 02:10 PM

Hi @Jens.Wall1 

 

I can see : Cisco Content Security Management Appliance (SMA) / Cisco Content Security Management Appliance / 14.1.0-227 & 14.1.0-223 & 14.2.0-212  are not impacted by CVE-2023-36664.

For SMA's other versions and WSA's or ESA's there were no record, I did requested for vulnerability check, but it is best to open a support case with TALOS team, they will check this for you, for sure. 

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++   If you find this answer helpful, please rate it as such  ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

 

0 Helpful
Customers Also Viewed These Support Documents