CVE-2016-6372

CVE-2016-6372 affects Cisco AsyncOS for Cisco ESA and WSA (MIME header handling). A vulnerability in email message and content filtering due to improper error handling of malformed MIME headers could allow an unauthenticated, remote attacker to bypass the device’s filtering, potentially allowing ...

CVE-2016-6356

Cisco AsyncOS for Cisco Email Security Appliances is affected by CVE-2016-6356 due to improper input validation of email attachments with corrupted fields in the message filtering feature. An unauthenticated, remote attacker could trigger a DoS by causing the device to stop scanning/forwarding em...

CVE-2016-6372

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions MIME headers of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass the filtering...

CVE-2016-6357

CVE-2016-6357 affects Cisco AsyncOS for the Cisco Email Security Appliance (ESA). The issue is a vulnerability in configured security policies, including drop email filtering, where an unauthenticated, remote attacker could bypass a configured drop filter by sending an email with a corrupted atta...

Cisco Patches Critical Vulnerability in Facility Events Response System

Cisco Systems issued a security bulletin Wednesday for a critical vulnerability found in its IP Interoperability and Collaboration System IPICS. The feature is a key part of a mechanism used by Cisco to facilitate emergency responses for “facility events.” The vulnerability CVE-2016-6397, accordi...

Cisco Email Security Appliance MIME Header Bypass Vulnerability

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions MIME headers of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass the filtering...

Cisco AsyncOS Denial of Service Vulnerability (CNVD-2016-10394)

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A remote denial of service vulnerability exists in Cisco AsyncOS, which can be exploited by an unauthenticated, remote attacker to cause a denial of service condition...

Cisco AsyncOS Security Bypass Vulnerability (CNVD-2016-10397)

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A remote security bypass vulnerability exists in Cisco AsyncOS, where an unauthenticated, remote attacker bypasses a user's configuration on the appliance and performs an...

Cisco AsyncOS Security Bypass Vulnerability

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A security vulnerability exists in Cisco AsyncOS that could be exploited by an attacker to bypass certain security restrictions and perform unauthorized operations...

Cisco AsyncOS Security Bypass Vulnerability (CNVD-2016-10396)

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A security bypass vulnerability exists in Cisco AsyncOS that could be exploited by an attacker to bypass certain security restrictions and perform unauthorized operations...

Cisco AsyncOS for Email and Web Security Appliances Remote Security Bypass Vulnerability

Cisco AsyncOS for Email and Web Security Appliances are both products of Cisco, Inc.Cisco AsyncOS for Email Security Appliances is a set of operating systems used in the Email Security Appliance ESA of Cisco, Inc.Cisco Web Security Appliance WSA is a set of Web security appliances. Cisco AsyncOS...

Cisco AsyncOS Denial of Service Vulnerability (CNVD-2016-10393)

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A remote denial of service vulnerability exists in Cisco AsyncOS, which can be exploited by an unauthenticated, remote attacker to cause a denial of service on an affected...

Cisco Email Security Appliance Malformed MIME Header Vulnerability

A vulnerability in the Multipurpose Internet Mail Extensions MIME scanner of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to...

Cisco Email Security Appliance Malformed DGN File Attachment Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the message filtering feature of...

Cisco AsyncOS Denial of Service Vulnerability (CNVD-2016-10395)

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. A remote denial of service vulnerability exists in Cisco AsyncOS 9.7.1 and later versions, which can be exploited by an unauthenticated, remote attacker to cause a denial of...

Cisco Email and Web Security Appliance Malformed MIME Header Vulnerability

A vulnerability in the Multipurpose Internet Mail Extensions MIME scanner of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to...

Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection AMP feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages du...

Cisco Email and Web Security Appliance MIME Header Bypass Vulnerability

A vulnerability in the email filtering for malformed Multipurpose Internet Mail Extensions MIME headers of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass the filtering functionality of the...

Cisco Email Security Appliance Drop Bypass Vulnerability

A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass a configured drop filter by using an email with a corrupted attachment. The vulnerability is due t...

CVE-2016-6416

The FTP service in Cisco AsyncOS on Email Security Appliance ESA devices 9.6.0-000 through 9.9.6-026, Web Security Appliance WSA devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance SMA devices allows remote attackers to cause a denial of service via a flood of FTP...