cve-2016-6356
Vulnerability from cvelistv5
Published
2016-10-28 10:00
Modified
2024-08-06 01:29
Severity ?
Summary
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz63143. Known Affected Releases: 8.5.7-042 9.7.0-125. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/93907
ykramarz@cisco.comhttp://www.securitytracker.com/id/1037122
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93907
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037122
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3Vendor Advisory
Impacted products
Vendor Product Version
n/a Cisco AsyncOS through 9.7.0-125 Version: Cisco AsyncOS through 9.7.0-125
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:29:19.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1037122",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037122"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3"
          },
          {
            "name": "93907",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93907"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco AsyncOS through 9.7.0-125",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco AsyncOS through 9.7.0-125"
            }
          ]
        }
      ],
      "datePublic": "2016-10-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz63143. Known Affected Releases: 8.5.7-042 9.7.0-125. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unspecified",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1037122",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037122"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3"
        },
        {
          "name": "93907",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93907"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6356",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco AsyncOS through 9.7.0-125",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco AsyncOS through 9.7.0-125"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz63143. Known Affected Releases: 8.5.7-042 9.7.0-125. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unspecified"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1037122",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037122"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3"
            },
            {
              "name": "93907",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93907"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-6356",
    "datePublished": "2016-10-28T10:00:00",
    "dateReserved": "2016-07-26T00:00:00",
    "dateUpdated": "2024-08-06T01:29:19.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:3.3.1-09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B447F5BF-B930-412C-BB5B-76FB59F2131F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CD539F0-FB4C-43BB-B84D-8EB2D5780C30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0119B5B-0DE1-40DE-B987-5BD090C46396\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C9B9EA8-AC3E-46B5-9E1A-C5CDA49C2417\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3584055D-21D7-4701-A6DA-3A42037C235D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98F65C35-8F6C-443A-8A70-507E2BECE434\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C08DF98F-D463-444A-9C99-3D9F598AD35D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72B46B14-F730-4C19-B990-7A97180A6B76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47B559C5-4D63-4F19-B52D-71AE2D057983\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A024420-2138-45C2-A1B1-D9E6C421CC43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B7861DE-6DC4-445E-B881-E731E78C933E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C1883A6-FD4A-4E06-AA83-C2E1035C5BE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8209F5B3-2F65-4976-86CE-8C3F92D6D053\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.5.2-201:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11E2D3BA-C2EF-4178-B1EA-0E2318DAFE37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"048157E8-DC18-47D6-8061-6D209C4B640A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.6.1-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C970A35B-04DD-45A4-A739-585ACEE496AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.6.1-gpl-022:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCC3BF72-7CD4-47F8-B98F-7D61802A22BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82842FC8-6041-4FD6-AA4B-818052798F01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.6.3-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA18CA46-D4FA-48C8-A632-9C618C4C647C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.6.3-025:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD7AD8D8-C690-47C6-8A58-8499266F9659\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.7.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6096CDB-3908-4E75-A9B6-285738C582B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.7.1-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38B13FE0-91B3-48AC-83D5-839E9C49AF10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F11D078-2A4A-40C2-8DBA-3A9529355245\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:7.8.0-311:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B9C47AD-38DA-44BE-8868-A21F93332783\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.0.1-023:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FABFD96-9076-4838-A775-7DA478214760\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.0_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D070904-FF6A-4356-A6B9-FC572CF4ADEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCB92F9E-9FA2-4D50-82C2-FF0A20EB42FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D9AFCF6-AFC3-4466-AB77-DA77090BBE0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A511EEC7-A7B4-46A0-9182-42B6FFB0E103\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E8A45A9-0835-4F4D-99D1-4E894EE95B5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C69F7FA3-F8FD-430F-B70C-FBFC3C1A2D04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EFD829C-2BA8-4EA6-A846-74776A05D105\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A831B2A-A23C-4BB4-B64C-ADD2C77D96E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46895808-4225-42FB-BA8B-12ADFADAB4AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54E7090B-6FB0-4161-8534-BD2561B1C203\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62CA88FC-047E-4EA4-B3E9-E903DD1892CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A4A2C13-FB68-4DAD-AC0E-A90260655F33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B574E66D-783A-48E6-A04A-16E0B1A56EBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE973E6A-4BE5-44D7-9E66-B966377F2315\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE6412D3-E788-45F8-B4E5-4795CD88F3C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79408E18-14BE-486A-AAD1-95A3871CCD21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44F4ABDB-16DC-4D8F-B2D8-9724133F40BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8A2F388-FFE1-43BD-A9B6-D21043F86AA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57F398CF-66B8-4BE1-8586-1DCD1FF8C3C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EF05089-FDC2-4D78-9949-B313A11A3FF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22602224-5873-4B62-A3B4-66B9E590B73E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C301DE3-99C7-415A-9D1B-8DDD00E4E5D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA369D6F-7011-49CF-B0E7-D1B7A2D1B719\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D328123-3F80-4686-A464-574CDFF67247\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C17D2028-25C5-4234-8723-7040DCFBEE92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF846D4C-F7A2-4C27-A2A3-CFE5E76DE5F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98D691BA-8205-4C49-851B-2FDC1F22F641\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED373FBD-1BB7-4532-946F-9DA2DF33A8D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A450E5F-D02B-4F4D-9844-794D6A39D923\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61E682A3-28D4-4163-B047-DAD05D404128\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_appliance:9.7.1-066:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72DADB2C-D86D-44B5-B87B-289990A7D9B4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz63143. Known Affected Releases: 8.5.7-042 9.7.0-125. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la caracter\\u00edstica de filtrado de mensajes de email de Cisco AsyncOS Software para Cisco Email Security Appliances podr\\u00eda permitir a un atacante remoto no autenticado provocar que el dispositivo afectado pare el escaneo y reenv\\u00ede mensajes de email debido a una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS). Productos afectados: Esta vulnerabilidad afecta a todas las versiones previas a la primera versi\\u00f3n fija de Cisco AsyncOS Software para Cisco Email Security Appliances, ambos dispositivos virtuales y hardware, si el software est\\u00e1 configurado para aplicar un filtro de mensajes o un filtro de contenido a los adjuntos de mails entrantes. La vulnerabilidad no est\\u00e1 limitada a reglas o acciones espec\\u00edficas del filtro de mensajes o del filtro de contenido. M\\u00e1s informaci\\u00f3n: CSCuz63143. Lanzamientos conocidos afectados: 8.5.7-042 9.7.0-125. Lanzamientos conocidos solucionados: 10.0.0-125 9.1.1-038 9.7.2-047.\"}]",
      "id": "CVE-2016-6356",
      "lastModified": "2024-11-21T02:55:58.163",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-10-28T10:59:06.587",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/93907\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1037122\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93907\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1037122\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6356\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2016-10-28T10:59:06.587\",\"lastModified\":\"2024-11-21T02:55:58.163\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz63143. Known Affected Releases: 8.5.7-042 9.7.0-125. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la caracter\u00edstica de filtrado de mensajes de email de Cisco AsyncOS Software para Cisco Email Security Appliances podr\u00eda permitir a un atacante remoto no autenticado provocar que el dispositivo afectado pare el escaneo y reenv\u00ede mensajes de email debido a una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Productos afectados: Esta vulnerabilidad afecta a todas las versiones previas a la primera versi\u00f3n fija de Cisco AsyncOS Software para Cisco Email Security Appliances, ambos dispositivos virtuales y hardware, si el software est\u00e1 configurado para aplicar un filtro de mensajes o un filtro de contenido a los adjuntos de mails entrantes. La vulnerabilidad no est\u00e1 limitada a reglas o acciones espec\u00edficas del filtro de mensajes o del filtro de contenido. M\u00e1s informaci\u00f3n: CSCuz63143. Lanzamientos conocidos afectados: 8.5.7-042 9.7.0-125. Lanzamientos conocidos solucionados: 10.0.0-125 9.1.1-038 9.7.2-047.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:3.3.1-09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B447F5BF-B930-412C-BB5B-76FB59F2131F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CD539F0-FB4C-43BB-B84D-8EB2D5780C30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0119B5B-0DE1-40DE-B987-5BD090C46396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C9B9EA8-AC3E-46B5-9E1A-C5CDA49C2417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3584055D-21D7-4701-A6DA-3A42037C235D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98F65C35-8F6C-443A-8A70-507E2BECE434\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C08DF98F-D463-444A-9C99-3D9F598AD35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B46B14-F730-4C19-B990-7A97180A6B76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47B559C5-4D63-4F19-B52D-71AE2D057983\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A024420-2138-45C2-A1B1-D9E6C421CC43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7861DE-6DC4-445E-B881-E731E78C933E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C1883A6-FD4A-4E06-AA83-C2E1035C5BE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8209F5B3-2F65-4976-86CE-8C3F92D6D053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.5.2-201:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E2D3BA-C2EF-4178-B1EA-0E2318DAFE37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048157E8-DC18-47D6-8061-6D209C4B640A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.6.1-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C970A35B-04DD-45A4-A739-585ACEE496AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.6.1-gpl-022:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC3BF72-7CD4-47F8-B98F-7D61802A22BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82842FC8-6041-4FD6-AA4B-818052798F01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.6.3-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA18CA46-D4FA-48C8-A632-9C618C4C647C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.6.3-025:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7AD8D8-C690-47C6-8A58-8499266F9659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.7.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6096CDB-3908-4E75-A9B6-285738C582B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.7.1-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38B13FE0-91B3-48AC-83D5-839E9C49AF10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F11D078-2A4A-40C2-8DBA-3A9529355245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:7.8.0-311:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B9C47AD-38DA-44BE-8868-A21F93332783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.0.1-023:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FABFD96-9076-4838-A775-7DA478214760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.0_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D070904-FF6A-4356-A6B9-FC572CF4ADEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCB92F9E-9FA2-4D50-82C2-FF0A20EB42FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9AFCF6-AFC3-4466-AB77-DA77090BBE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A511EEC7-A7B4-46A0-9182-42B6FFB0E103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8A45A9-0835-4F4D-99D1-4E894EE95B5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C69F7FA3-F8FD-430F-B70C-FBFC3C1A2D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EFD829C-2BA8-4EA6-A846-74776A05D105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A831B2A-A23C-4BB4-B64C-ADD2C77D96E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46895808-4225-42FB-BA8B-12ADFADAB4AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54E7090B-6FB0-4161-8534-BD2561B1C203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CA88FC-047E-4EA4-B3E9-E903DD1892CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A4A2C13-FB68-4DAD-AC0E-A90260655F33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B574E66D-783A-48E6-A04A-16E0B1A56EBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE973E6A-4BE5-44D7-9E66-B966377F2315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE6412D3-E788-45F8-B4E5-4795CD88F3C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79408E18-14BE-486A-AAD1-95A3871CCD21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F4ABDB-16DC-4D8F-B2D8-9724133F40BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8A2F388-FFE1-43BD-A9B6-D21043F86AA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57F398CF-66B8-4BE1-8586-1DCD1FF8C3C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EF05089-FDC2-4D78-9949-B313A11A3FF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22602224-5873-4B62-A3B4-66B9E590B73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C301DE3-99C7-415A-9D1B-8DDD00E4E5D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA369D6F-7011-49CF-B0E7-D1B7A2D1B719\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D328123-3F80-4686-A464-574CDFF67247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C17D2028-25C5-4234-8723-7040DCFBEE92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF846D4C-F7A2-4C27-A2A3-CFE5E76DE5F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98D691BA-8205-4C49-851B-2FDC1F22F641\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED373FBD-1BB7-4532-946F-9DA2DF33A8D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A450E5F-D02B-4F4D-9844-794D6A39D923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E682A3-28D4-4163-B047-DAD05D404128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_appliance:9.7.1-066:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72DADB2C-D86D-44B5-B87B-289990A7D9B4\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/93907\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1037122\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037122\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.