Lucene search
HistorySep 14, 2015 - 1:59 a.m.
CVE-2015-6285
cisco
email security
esa
cve-2015-6285
format string vulnerability
denial of service
memory overwrite
service outage
bug id cscug21497
nvd
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
48.6%
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497.
Affected configurations
Node
ciscoemail_security_applianceMatch7.6.0
ORciscoemail_security_applianceMatch8.0.0
Related
cisco
cisco
Cisco Email Security Appliance Format String Vulnerability
2015-09-09 18:02:16
openvas
openvas
Cisco Email Security Appliance Format String Vulnerability
2015-09-11 00:00:00
prion
prion
Format string
2015-09-14 01:59:00
cvelist
cvelist
CVE-2015-6285
2015-09-14 01:00:00
nvd
nvd
CVE-2015-6285
2015-09-14 01:59:03
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
48.6%
Related for CVE-2015-6285