CVE-2016-1486
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.
Una vulnerabilidad en la funcionalidad de escaneo de adjuntos de email de la característica Advanced Malware Protection (AMP) de Cisco AsyncOS Software para Cisco Email Security Appliances podría permitir a un atacante remoto no autenticado provocar que el dispositivo afectado pare el escaneo y reenvíe mensajes de email debido a una condición de denegación de servicio (DoS). Productos afectados: Esta vulnerabilidad afecta a las versiones Cisco AsyncOS Software releases 9.7.1 y posteriores, previas a la primera versión fija, ambos dispositivos virtuales y hardware Cisco Email Security Appliances, si la característica AMP está configurada para escanear los adjuntos de mails entrantes. Más información: CSCuy99453. Lanzamientos conocidos afectados: 9.7.1-066. Lanzamientos conocidos solucionados: 10.0.0-125 9.7.1-207 9.7.2-047.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-01-04 CVE Reserved
- 2016-10-28 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-19: Data Processing Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/93906 | Vdb Entry | |
| http://www.securitytracker.com/id/1037124 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2 | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.0-000 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.0-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.0-er1-198 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.0-er1-198" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.6-052 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.6-052" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.6-073 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.6-073" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.6-074 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.6-074" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.6-106 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.6-106" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.6-113 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.6-113" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.5.7-042 Search vendor "Cisco" for product "Email Security Appliance" and version "8.5.7-042" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.6.0 Search vendor "Cisco" for product "Email Security Appliance" and version "8.6.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.6.0-011 Search vendor "Cisco" for product "Email Security Appliance" and version "8.6.0-011" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.9.0 Search vendor "Cisco" for product "Email Security Appliance" and version "8.9.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.9.1-000 Search vendor "Cisco" for product "Email Security Appliance" and version "8.9.1-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 8.9.2-032 Search vendor "Cisco" for product "Email Security Appliance" and version "8.9.2-032" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.0.0 Search vendor "Cisco" for product "Email Security Appliance" and version "9.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.0.0-212 Search vendor "Cisco" for product "Email Security Appliance" and version "9.0.0-212" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.0.0-461 Search vendor "Cisco" for product "Email Security Appliance" and version "9.0.0-461" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.0.5-000 Search vendor "Cisco" for product "Email Security Appliance" and version "9.0.5-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.1.0 Search vendor "Cisco" for product "Email Security Appliance" and version "9.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.1.0-011 Search vendor "Cisco" for product "Email Security Appliance" and version "9.1.0-011" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.1.0-032 Search vendor "Cisco" for product "Email Security Appliance" and version "9.1.0-032" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.1.0-101 Search vendor "Cisco" for product "Email Security Appliance" and version "9.1.0-101" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.1.1-000 Search vendor "Cisco" for product "Email Security Appliance" and version "9.1.1-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.4.0 Search vendor "Cisco" for product "Email Security Appliance" and version "9.4.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.4.4-000 Search vendor "Cisco" for product "Email Security Appliance" and version "9.4.4-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.5.0-000 Search vendor "Cisco" for product "Email Security Appliance" and version "9.5.0-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.5.0-201 Search vendor "Cisco" for product "Email Security Appliance" and version "9.5.0-201" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.6.0-000 Search vendor "Cisco" for product "Email Security Appliance" and version "9.6.0-000" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.6.0-042 Search vendor "Cisco" for product "Email Security Appliance" and version "9.6.0-042" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.6.0-051 Search vendor "Cisco" for product "Email Security Appliance" and version "9.6.0-051" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance" | 9.7.0-125 Search vendor "Cisco" for product "Email Security Appliance" and version "9.7.0-125" | - |
Affected
| ||||||