CVE-2016-6458
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to use a content filter for email attachments that are protected or encrypted. More Information: CSCva52546. Known Affected Releases: 10.0.0-125 9.7.1-066.
Una vulnerabilidad en la funcionalidad de filtrado de contenido de Software Cisco AsyncOS para Cisco Email Security Appliances podría permitir a un atacante remoto no autenticado eludir los filtros de contenido configurados en un dispositivo afectado. El correo electrónico que debería haber sido filtrado podría ser reenviado por el dispositivo. Esta vulnerabilidad afecta a todas las versiones anteriores a la primera versión solucionada del Software de Cisco AsyncOS para Cisco Email Security Appliances, tanto dispositivos virtual como hardware, si el software está configurado para utilizar un filtro de contenido para archivos adjuntos de correo electrónico que son protegidos o cifrados. Más información: CSCva52546. Lanzamientos conocidos afectados: 10.0.0-125 9.7.1-066.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-07-26 CVE Reserved
- 2016-11-19 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/94074 | Vdb Entry | |
| http://www.securitytracker.com/id/1037182 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.7.1-066 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.7.1-066" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.7.2-046 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.7.2-046" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.7.2-047 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.7.2-047" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.7.2-054 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.7.2-054" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.9.6-026 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.9.6-026" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 9.9_base Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "9.9_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 10.0.0-124 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "10.0.0-124" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | 10.0.0-125 Search vendor "Cisco" for product "Email Security Appliance Firmware" and version "10.0.0-125" | - |
Affected
| ||||||