CVE-2016-6358

EPSS 1.03%
Veröffentlicht 28.10.2016 10:59:09
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known Affected Releases: 9.1.0-032 9.7.1-000. Known Fixed Releases: 9.1.1-038.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Email Security Appliance Version9.7.1-066

Cisco ≫ Email Security Appliance Version9.7.2-046

Cisco ≫ Email Security Appliance Version9.7.2-047

Cisco ≫ Email Security Appliance Version9.7.2-054

Cisco ≫ Email Security Appliance Version9.9.6-026

Cisco ≫ Email Security Appliance Version9.9_base

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.03%	0.764

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/93905

http://www.securitytracker.com/id/1037115

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa6

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-6358

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-6358

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-6358

EUVD