CVE-2016-1486 (GCVE-0-2016-1486)

Vulnerability from cvelistv5 – Published: 2016-10-28 10:00 – Updated: 2024-08-05 22:55
VLAI?
Summary
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.
Severity ?
No CVSS data available.
CWE
  • unspecified
Assigner
References
Impacted products
Vendor Product Version
n/a Cisco AsyncOS through 9.7.1-066 Affected: Cisco AsyncOS through 9.7.1-066
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2"
          },
          {
            "name": "1037124",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037124"
          },
          {
            "name": "93906",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93906"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco AsyncOS through 9.7.1-066",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco AsyncOS through 9.7.1-066"
            }
          ]
        }
      ],
      "datePublic": "2016-10-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unspecified",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2"
        },
        {
          "name": "1037124",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037124"
        },
        {
          "name": "93906",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93906"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1486",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco AsyncOS through 9.7.1-066",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco AsyncOS through 9.7.1-066"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unspecified"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2"
            },
            {
              "name": "1037124",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037124"
            },
            {
              "name": "93906",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93906"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1486",
    "datePublished": "2016-10-28T10:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCB92F9E-9FA2-4D50-82C2-FF0A20EB42FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D9AFCF6-AFC3-4466-AB77-DA77090BBE0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A511EEC7-A7B4-46A0-9182-42B6FFB0E103\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E8A45A9-0835-4F4D-99D1-4E894EE95B5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C69F7FA3-F8FD-430F-B70C-FBFC3C1A2D04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EFD829C-2BA8-4EA6-A846-74776A05D105\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A831B2A-A23C-4BB4-B64C-ADD2C77D96E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46895808-4225-42FB-BA8B-12ADFADAB4AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54E7090B-6FB0-4161-8534-BD2561B1C203\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62CA88FC-047E-4EA4-B3E9-E903DD1892CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A4A2C13-FB68-4DAD-AC0E-A90260655F33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B574E66D-783A-48E6-A04A-16E0B1A56EBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE973E6A-4BE5-44D7-9E66-B966377F2315\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE6412D3-E788-45F8-B4E5-4795CD88F3C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79408E18-14BE-486A-AAD1-95A3871CCD21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44F4ABDB-16DC-4D8F-B2D8-9724133F40BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8A2F388-FFE1-43BD-A9B6-D21043F86AA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57F398CF-66B8-4BE1-8586-1DCD1FF8C3C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EF05089-FDC2-4D78-9949-B313A11A3FF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22602224-5873-4B62-A3B4-66B9E590B73E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C301DE3-99C7-415A-9D1B-8DDD00E4E5D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F0298F5-CE72-4A8A-9AA9-5770BE6081F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA369D6F-7011-49CF-B0E7-D1B7A2D1B719\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D328123-3F80-4686-A464-574CDFF67247\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C17D2028-25C5-4234-8723-7040DCFBEE92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF846D4C-F7A2-4C27-A2A3-CFE5E76DE5F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98D691BA-8205-4C49-851B-2FDC1F22F641\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED373FBD-1BB7-4532-946F-9DA2DF33A8D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A450E5F-D02B-4F4D-9844-794D6A39D923\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E682A3-28D4-4163-B047-DAD05D404128\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la funcionalidad de escaneo de adjuntos de email de la caracter\\u00edstica Advanced Malware Protection (AMP) de Cisco AsyncOS Software para Cisco Email Security Appliances podr\\u00eda permitir a un atacante remoto no autenticado provocar que el dispositivo afectado pare el escaneo y reenv\\u00ede mensajes de email debido a una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS). Productos afectados: Esta vulnerabilidad afecta a las versiones Cisco AsyncOS Software releases 9.7.1 y posteriores, previas a la primera versi\\u00f3n fija, ambos dispositivos virtuales y hardware Cisco Email Security Appliances, si la caracter\\u00edstica AMP est\\u00e1 configurada para escanear los adjuntos de mails entrantes. M\\u00e1s informaci\\u00f3n: CSCuy99453. Lanzamientos conocidos afectados: 9.7.1-066. Lanzamientos conocidos solucionados: 10.0.0-125 9.7.1-207 9.7.2-047.\"}]",
      "id": "CVE-2016-1486",
      "lastModified": "2024-11-21T02:46:31.923",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-10-28T10:59:05.197",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/93906\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1037124\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93906\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1037124\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-19\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1486\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-10-28T10:59:05.197\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de escaneo de adjuntos de email de la caracter\u00edstica Advanced Malware Protection (AMP) de Cisco AsyncOS Software para Cisco Email Security Appliances podr\u00eda permitir a un atacante remoto no autenticado provocar que el dispositivo afectado pare el escaneo y reenv\u00ede mensajes de email debido a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Productos afectados: Esta vulnerabilidad afecta a las versiones Cisco AsyncOS Software releases 9.7.1 y posteriores, previas a la primera versi\u00f3n fija, ambos dispositivos virtuales y hardware Cisco Email Security Appliances, si la caracter\u00edstica AMP est\u00e1 configurada para escanear los adjuntos de mails entrantes. M\u00e1s informaci\u00f3n: CSCuy99453. Lanzamientos conocidos afectados: 9.7.1-066. Lanzamientos conocidos solucionados: 10.0.0-125 9.7.1-207 9.7.2-047.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-19\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCB92F9E-9FA2-4D50-82C2-FF0A20EB42FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9AFCF6-AFC3-4466-AB77-DA77090BBE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A511EEC7-A7B4-46A0-9182-42B6FFB0E103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8A45A9-0835-4F4D-99D1-4E894EE95B5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69F7FA3-F8FD-430F-B70C-FBFC3C1A2D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EFD829C-2BA8-4EA6-A846-74776A05D105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A831B2A-A23C-4BB4-B64C-ADD2C77D96E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46895808-4225-42FB-BA8B-12ADFADAB4AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54E7090B-6FB0-4161-8534-BD2561B1C203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CA88FC-047E-4EA4-B3E9-E903DD1892CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A4A2C13-FB68-4DAD-AC0E-A90260655F33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B574E66D-783A-48E6-A04A-16E0B1A56EBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE973E6A-4BE5-44D7-9E66-B966377F2315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE6412D3-E788-45F8-B4E5-4795CD88F3C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79408E18-14BE-486A-AAD1-95A3871CCD21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F4ABDB-16DC-4D8F-B2D8-9724133F40BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8A2F388-FFE1-43BD-A9B6-D21043F86AA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F398CF-66B8-4BE1-8586-1DCD1FF8C3C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EF05089-FDC2-4D78-9949-B313A11A3FF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22602224-5873-4B62-A3B4-66B9E590B73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C301DE3-99C7-415A-9D1B-8DDD00E4E5D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F0298F5-CE72-4A8A-9AA9-5770BE6081F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA369D6F-7011-49CF-B0E7-D1B7A2D1B719\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D328123-3F80-4686-A464-574CDFF67247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C17D2028-25C5-4234-8723-7040DCFBEE92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF846D4C-F7A2-4C27-A2A3-CFE5E76DE5F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98D691BA-8205-4C49-851B-2FDC1F22F641\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED373FBD-1BB7-4532-946F-9DA2DF33A8D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A450E5F-D02B-4F4D-9844-794D6A39D923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E682A3-28D4-4163-B047-DAD05D404128\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/93906\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1037124\",\"source\":\"psirt@cisco.com\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93906\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.