5.9

CVE-2016-1411

EPSS 0.22%
Veröffentlicht 14.12.2016 00:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. More Information: CSCul88715, CSCul94617, CSCul94627. Known Affected Releases: 7.5.2-201 7.6.3-025 8.0.1-023 8.5.0-000 8.5.0-ER1-198 7.5.2-HP2-303 7.7.0-608 7.7.5-835 8.5.1-021 8.8.0-000 7.9.1-102 8.0.0-404 8.1.1-013 8.2.0-222. Known Fixed Releases: 8.0.2-069 8.0.2-074 8.5.7-042 9.1.0-032 8.5.2-027 9.6.1-019.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Content Security Management Appliance Version9.1.0

Cisco ≫ Content Security Management Appliance Version9.1.0-004

Cisco ≫ Content Security Management Appliance Version9.1.0-031

Cisco ≫ Content Security Management Appliance Version9.1.0-033

Cisco ≫ Content Security Management Appliance Version9.1.0-103

Cisco ≫ Content Security Management Appliance Version9.6.0

Cisco ≫ Email Security Appliance Version7.5.2-201

Cisco ≫ Email Security Appliance Version7.5.2-hp2-303

Cisco ≫ Email Security Appliance Version7.6.3-025

Cisco ≫ Email Security Appliance Version8.0.1-023

Cisco ≫ Email Security Appliance Version8.5.0-000

Cisco ≫ Email Security Appliance Version8.5.0-er1-198

Cisco ≫ Email Security Appliance Version8.5.1-021

Cisco ≫ Web Security Appliance Version7.7.0-608

Cisco ≫ Web Security Appliance Version7.7.5-835

Cisco ≫ Web Security Appliance Version8.8.0-000

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.22%	0.421

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://www.securityfocus.com/bid/94791

Third Party Advisory

VDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asyncos

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-1411

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-1411

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-1411

EUVD