Lucene search

[email protected]CVE-2016-1481

HistoryOct 28, 2016 - 10:59 a.m.

CVE-2016-1481

2016-10-2810:59:03

CWE-20

[email protected]

web.nvd.nist.gov

cisco

asyncos

software

email security

appliances

vulnerability

dos

cve-2016-1481

nvd

cscux59873

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter that contains certain rules. More Information: CSCux59873. Known Affected Releases: 8.5.6-106 9.1.0-032 9.7.0-125. Known Fixed Releases: 9.1.1-038 9.7.1-066.

Affected configurations

NVD

Node

ciscoemail_security_applianceMatch8.5.0-000

ciscoemail_security_applianceMatch8.5.0-er1-198

ciscoemail_security_applianceMatch8.5.6-052

ciscoemail_security_applianceMatch8.5.6-073

ciscoemail_security_applianceMatch8.5.6-074

ciscoemail_security_applianceMatch8.5.6-106

ciscoemail_security_applianceMatch8.5.6-113

ciscoemail_security_applianceMatch8.5.7-042

ciscoemail_security_applianceMatch8.6.0

ciscoemail_security_applianceMatch8.6.0-011

ciscoemail_security_applianceMatch8.9.0

ciscoemail_security_applianceMatch8.9.1-000

ciscoemail_security_applianceMatch8.9.2-032

ciscoemail_security_applianceMatch9.0.0

ciscoemail_security_applianceMatch9.0.0-212

ciscoemail_security_applianceMatch9.0.0-461

ciscoemail_security_applianceMatch9.0.5-000

ciscoemail_security_applianceMatch9.1.0

ciscoemail_security_applianceMatch9.1.0-011

ciscoemail_security_applianceMatch9.1.0-032

ciscoemail_security_applianceMatch9.1.0-101

ciscoemail_security_applianceMatch9.1.1-000

ciscoemail_security_applianceMatch9.4.0

ciscoemail_security_applianceMatch9.4.4-000

ciscoemail_security_applianceMatch9.5.0-000

ciscoemail_security_applianceMatch9.5.0-201

ciscoemail_security_applianceMatch9.6.0-000

ciscoemail_security_applianceMatch9.6.0-042

ciscoemail_security_applianceMatch9.6.0-051

ciscoemail_security_applianceMatch9.7.0-125

CPENameOperatorVersion
cisco:email_security_appliancecisco email security applianceeq8.5.0-000
cisco:email_security_appliancecisco email security applianceeq8.5.0-er1-198
cisco:email_security_appliancecisco email security applianceeq8.5.6-052
cisco:email_security_appliancecisco email security applianceeq8.5.6-073
cisco:email_security_appliancecisco email security applianceeq8.5.6-074
cisco:email_security_appliancecisco email security applianceeq8.5.6-106
cisco:email_security_appliancecisco email security applianceeq8.5.6-113
cisco:email_security_appliancecisco email security applianceeq8.5.7-042
cisco:email_security_appliancecisco email security applianceeq8.6.0
cisco:email_security_appliancecisco email security applianceeq8.6.0-011

CPE	Name	Operator	Version
cisco:email_security_appliance	cisco email security appliance	eq	8.5.0-000
cisco:email_security_appliance	cisco email security appliance	eq	8.5.0-er1-198
cisco:email_security_appliance	cisco email security appliance	eq	8.5.6-052
cisco:email_security_appliance	cisco email security appliance	eq	8.5.6-073
cisco:email_security_appliance	cisco email security appliance	eq	8.5.6-074
cisco:email_security_appliance	cisco email security appliance	eq	8.5.6-106
cisco:email_security_appliance	cisco email security appliance	eq	8.5.6-113
cisco:email_security_appliance	cisco email security appliance	eq	8.5.7-042
cisco:email_security_appliance	cisco email security appliance	eq	8.6.0
cisco:email_security_appliance	cisco email security appliance	eq	8.6.0-011

Rows per page:

1-10 of 301

CNA Affected

[
  {
    "product": "Cisco AsyncOS through 9.7.0-125",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco AsyncOS through 9.7.0-125"
      }
    ]
  }
]

References

www.securityfocus.com/bid/93908

www.securitytracker.com/id/1037123

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa1

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.8%

JSON

Related for CVE-2016-1481

nvd1 prion1 openvas1 cvelist1 cisco1 threatpost1