CVE-2016-1486
Published on: 10/28/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:05 PM UTC
Certain versions of Email Security Appliance from Cisco contain the following vulnerability:
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.
- CVE-2016-1486 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | NONE | HIGH |
CVSS2 Score: 7.8 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | NONE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability | Vendor Advisory tools.cisco.com text/html | CONFIRM tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2 |
Cisco Email Security Appliance Advanced Malware Protection Bug in Processing UUencoded Files Lets Remote Users Cause the Target System to Crash - SecurityTracker | www.securitytracker.com text/html | SECTRACK 1037124 |
Cisco AsyncOS CVE-2016-1486 Remote Denial of Service Vulnerability | cve.report (archive) text/html | BID 93906 |
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Cisco | Email Security Appliance | 8.5.0-000 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.0-er1-198 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-052 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-073 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-074 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-106 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-113 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.7-042 | All | All | All |
Application | Cisco | Email Security Appliance | 8.6.0 | All | All | All |
Application | Cisco | Email Security Appliance | 8.6.0-011 | All | All | All |
Application | Cisco | Email Security Appliance | 8.9.0 | All | All | All |
Application | Cisco | Email Security Appliance | 8.9.1-000 | All | All | All |
Application | Cisco | Email Security Appliance | 8.9.2-032 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.0 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.0-212 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.0-461 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.5-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0-011 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0-032 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0-101 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.1-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.4.0 | All | All | All |
Application | Cisco | Email Security Appliance | 9.4.4-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.5.0-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.5.0-201 | All | All | All |
Application | Cisco | Email Security Appliance | 9.6.0-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.6.0-042 | All | All | All |
Application | Cisco | Email Security Appliance | 9.6.0-051 | All | All | All |
Application | Cisco | Email Security Appliance | 9.7.0-125 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.0-000 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.0-er1-198 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-052 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-073 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-074 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-106 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.6-113 | All | All | All |
Application | Cisco | Email Security Appliance | 8.5.7-042 | All | All | All |
Application | Cisco | Email Security Appliance | 8.6.0 | All | All | All |
Application | Cisco | Email Security Appliance | 8.6.0-011 | All | All | All |
Application | Cisco | Email Security Appliance | 8.9.0 | All | All | All |
Application | Cisco | Email Security Appliance | 8.9.1-000 | All | All | All |
Application | Cisco | Email Security Appliance | 8.9.2-032 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.0 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.0-212 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.0-461 | All | All | All |
Application | Cisco | Email Security Appliance | 9.0.5-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0-011 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0-032 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.0-101 | All | All | All |
Application | Cisco | Email Security Appliance | 9.1.1-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.4.0 | All | All | All |
Application | Cisco | Email Security Appliance | 9.4.4-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.5.0-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.5.0-201 | All | All | All |
Application | Cisco | Email Security Appliance | 9.6.0-000 | All | All | All |
Application | Cisco | Email Security Appliance | 9.6.0-042 | All | All | All |
Application | Cisco | Email Security Appliance | 9.6.0-051 | All | All | All |
Application | Cisco | Email Security Appliance | 9.7.0-125 | All | All | All |
- cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*:
- cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*: