7.8

CVE-2016-1486

EPSS 0.76%
Published 28.10.2016 10:59:05
Last modified 12.04.2025 10:46:40
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Email Security Appliance Version8.5.0-000

Cisco ≫ Email Security Appliance Version8.5.0-er1-198

Cisco ≫ Email Security Appliance Version8.5.6-052

Cisco ≫ Email Security Appliance Version8.5.6-073

Cisco ≫ Email Security Appliance Version8.5.6-074

Cisco ≫ Email Security Appliance Version8.5.6-106

Cisco ≫ Email Security Appliance Version8.5.6-113

Cisco ≫ Email Security Appliance Version8.5.7-042

Cisco ≫ Email Security Appliance Version8.6.0

Cisco ≫ Email Security Appliance Version8.6.0-011

Cisco ≫ Email Security Appliance Version8.9.0

Cisco ≫ Email Security Appliance Version8.9.1-000

Cisco ≫ Email Security Appliance Version8.9.2-032

Cisco ≫ Email Security Appliance Version9.0.0

Cisco ≫ Email Security Appliance Version9.0.0-212

Cisco ≫ Email Security Appliance Version9.0.0-461

Cisco ≫ Email Security Appliance Version9.0.5-000

Cisco ≫ Email Security Appliance Version9.1.0

Cisco ≫ Email Security Appliance Version9.1.0-011

Cisco ≫ Email Security Appliance Version9.1.0-032

Cisco ≫ Email Security Appliance Version9.1.0-101

Cisco ≫ Email Security Appliance Version9.1.1-000

Cisco ≫ Email Security Appliance Version9.4.0

Cisco ≫ Email Security Appliance Version9.4.4-000

Cisco ≫ Email Security Appliance Version9.5.0-000

Cisco ≫ Email Security Appliance Version9.5.0-201

Cisco ≫ Email Security Appliance Version9.6.0-000

Cisco ≫ Email Security Appliance Version9.6.0-042

Cisco ≫ Email Security Appliance Version9.6.0-051

Cisco ≫ Email Security Appliance Version9.7.0-125

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.76%	0.71

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://www.securityfocus.com/bid/93906

http://www.securitytracker.com/id/1037124

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-1486

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-1486

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-1486

EUVD