Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-6360
HistoryOct 28, 2016 - 10:59 a.m.

CVE-2016-6360

2016-10-2810:59:10
CWE-20
[email protected]
web.nvd.nist.gov
17
cisco
email security
web security
vulnerability
dos
cve-2016-6360
nvd
amp

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON

A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 and later up to the first fixed release, Cisco AsyncOS Software for Web Security Appliances (WSA) all versions prior to the first fixed release. More Information: CSCux56406, CSCux59928. Known Affected Releases: 9.6.0-051 9.7.0-125 8.8.0-085 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.7.1-066 WSA10.0.0-233.

Affected configurations

NVD
Node
ciscoemail_security_applianceMatch9.5.0-000
OR
ciscoemail_security_applianceMatch9.5.0-201
OR
ciscoemail_security_applianceMatch9.6.0-000
OR
ciscoemail_security_applianceMatch9.6.0-042
OR
ciscoemail_security_applianceMatch9.6.0-051
OR
ciscoemail_security_applianceMatch9.7.0-125
OR
ciscoweb_security_applianceMatch8.8.0-085
OR
ciscoweb_security_applianceMatch9.0.0-193
OR
ciscoweb_security_applianceMatch9.0_base
OR
ciscoweb_security_applianceMatch9.1.0-000
OR
ciscoweb_security_applianceMatch9.1.0-070
OR
ciscoweb_security_applianceMatch9.1_base
OR
ciscoweb_security_applianceMatch9.5.0-235
OR
ciscoweb_security_applianceMatch9.5.0-284
OR
ciscoweb_security_applianceMatch9.5.0-444
OR
ciscoweb_security_applianceMatch9.5_base

CNA Affected

[
  {
    "product": "Cisco AsyncOS through WSA10.0.0-000",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco AsyncOS through WSA10.0.0-000"
      }
    ]
  }
]

Related

prion 1
nvd 1
openvas 2
cvelist 1
cisco 1
threatpost 1
prion
prion
Design/Logic Flaw
2016-10-28 10:59:00
nvd
nvd
CVE-2016-6360
2016-10-28 10:59:10
openvas
openvas
Cisco Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)
2016-10-27 00:00:00
Cisco Email Security Appliance JAR Advanced Malware Protection DoS Vulnerability (cisco-sa-20161026-esawsa3)
2016-10-27 00:00:00
cvelist
cvelist
CVE-2016-6360
2016-10-28 10:00:00
cisco
cisco
Cisco Email and Web Security Appliance JAR Advanced Malware Protection DoS Vulnerability
2016-10-26 16:00:00
threatpost
threatpost
Cisco Patches Critical Bugs in 900 Series Routers, Prime Home Server
2016-11-03 11:06:28

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON
Related for CVE-2016-6360
prion1nvd1openvas2cvelist1cisco1threatpost1