CVE-2016-1486

Published on: 10/28/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVE-2016-1486

Source: Mitre Source: NIST CVE.ORG Print: PDF PDF
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of Email Security Appliance from Cisco contain the following vulnerability:

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.

  • CVE-2016-1486 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack
Vector 		Attack
Complexity		 Privileges
Required		 User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 7.8 - HIGH

Access
Vector		 Access
Complexity		 Authentication
NETWORK LOW NONE
Confidentiality
Impact		 Integrity
Impact		 Availability
Impact
NONE NONE COMPLETE

CVE References

Description Tags Link
Cisco Email Security Appliance Advanced Malware Protection Attachment Scanning Denial of Service Vulnerability Vendor Advisory
tools.cisco.com
text/html
 URL Logo CONFIRM tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2
Cisco Email Security Appliance Advanced Malware Protection Bug in Processing UUencoded Files Lets Remote Users Cause the Target System to Crash - SecurityTracker www.securitytracker.com
text/html
 URL Logo SECTRACK 1037124
Cisco AsyncOS CVE-2016-1486 Remote Denial of Service Vulnerability cve.report (archive)
text/html
 URL Logo BID 93906
By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoEmail Security Appliance8.5.0-000AllAllAll
ApplicationCiscoEmail Security Appliance8.5.0-er1-198AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-052AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-073AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-074AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-106AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-113AllAllAll
ApplicationCiscoEmail Security Appliance8.5.7-042AllAllAll
ApplicationCiscoEmail Security Appliance8.6.0AllAllAll
ApplicationCiscoEmail Security Appliance8.6.0-011AllAllAll
ApplicationCiscoEmail Security Appliance8.9.0AllAllAll
ApplicationCiscoEmail Security Appliance8.9.1-000AllAllAll
ApplicationCiscoEmail Security Appliance8.9.2-032AllAllAll
ApplicationCiscoEmail Security Appliance9.0.0AllAllAll
ApplicationCiscoEmail Security Appliance9.0.0-212AllAllAll
ApplicationCiscoEmail Security Appliance9.0.0-461AllAllAll
ApplicationCiscoEmail Security Appliance9.0.5-000AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0-011AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0-032AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0-101AllAllAll
ApplicationCiscoEmail Security Appliance9.1.1-000AllAllAll
ApplicationCiscoEmail Security Appliance9.4.0AllAllAll
ApplicationCiscoEmail Security Appliance9.4.4-000AllAllAll
ApplicationCiscoEmail Security Appliance9.5.0-000AllAllAll
ApplicationCiscoEmail Security Appliance9.5.0-201AllAllAll
ApplicationCiscoEmail Security Appliance9.6.0-000AllAllAll
ApplicationCiscoEmail Security Appliance9.6.0-042AllAllAll
ApplicationCiscoEmail Security Appliance9.6.0-051AllAllAll
ApplicationCiscoEmail Security Appliance9.7.0-125AllAllAll
ApplicationCiscoEmail Security Appliance8.5.0-000AllAllAll
ApplicationCiscoEmail Security Appliance8.5.0-er1-198AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-052AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-073AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-074AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-106AllAllAll
ApplicationCiscoEmail Security Appliance8.5.6-113AllAllAll
ApplicationCiscoEmail Security Appliance8.5.7-042AllAllAll
ApplicationCiscoEmail Security Appliance8.6.0AllAllAll
ApplicationCiscoEmail Security Appliance8.6.0-011AllAllAll
ApplicationCiscoEmail Security Appliance8.9.0AllAllAll
ApplicationCiscoEmail Security Appliance8.9.1-000AllAllAll
ApplicationCiscoEmail Security Appliance8.9.2-032AllAllAll
ApplicationCiscoEmail Security Appliance9.0.0AllAllAll
ApplicationCiscoEmail Security Appliance9.0.0-212AllAllAll
ApplicationCiscoEmail Security Appliance9.0.0-461AllAllAll
ApplicationCiscoEmail Security Appliance9.0.5-000AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0-011AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0-032AllAllAll
ApplicationCiscoEmail Security Appliance9.1.0-101AllAllAll
ApplicationCiscoEmail Security Appliance9.1.1-000AllAllAll
ApplicationCiscoEmail Security Appliance9.4.0AllAllAll
ApplicationCiscoEmail Security Appliance9.4.4-000AllAllAll
ApplicationCiscoEmail Security Appliance9.5.0-000AllAllAll
ApplicationCiscoEmail Security Appliance9.5.0-201AllAllAll
ApplicationCiscoEmail Security Appliance9.6.0-000AllAllAll
ApplicationCiscoEmail Security Appliance9.6.0-042AllAllAll
ApplicationCiscoEmail Security Appliance9.6.0-051AllAllAll
ApplicationCiscoEmail Security Appliance9.7.0-125AllAllAll
  • cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*:
© CVE.report 2024 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report