Details of VAR-201610-0316

ID

VAR-201610-0316

CVE

CVE-2016-6356

TITLE

Cisco ESA Run on device AsyncOS Service disruption in software email message filtering function (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005648

DESCRIPTION

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. More Information: CSCuz63143. Known Affected Releases: 8.5.7-042 9.7.0-125. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCuz63143 It is released as.Service disruption by a third party (DoS) Status and scanning and email forwarding will be stopped There is a possibility. The Cisco AsyncOS operating system is designed to enhance the security and performance of Cisco Email Security appliances. An attacker can exploit this issue to restart the device, resulting in denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuz63143

Trust: 2.61

sources: NVD: CVE-2016-6356 // JVNDB: JVNDB-2016-005648 // CNVD: CNVD-2016-10394 // BID: 93907 // VULHUB: VHN-95176 // VULMON: CVE-2016-6356

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-10394

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-101	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-052	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.0-er1-198	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-113	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	3.3.1-09	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0-461	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.5.0	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.5.0-000	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.6.3-025	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-073	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.6.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.7.1-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-011	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.3.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-032	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.1-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.4.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.7-042	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.4.4-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.7.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.0.1-023	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.1.5	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.6.1-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.1.1	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.2-032	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.1.4	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.6.0-011	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.6.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.1.2	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.5.2-201	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.3.2	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.1-066	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-074	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.6.3-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.8.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-106	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.1.3	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.6.2	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.1.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.8.0-311	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.5.2	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.0_base	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.6.1-gpl-022	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.5-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.5.0-201	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.3.1	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-051	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.0-125	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0-212	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-042	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	7.5.1	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asyncos software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.6	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.5	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.1	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	8.5	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	10.0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	9.7.2-047	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	9.1.1-038	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	10.0.0-125	Trust: 0.3

sources: CNVD: CNVD-2016-10394 // BID: 93907 // JVNDB: JVNDB-2016-005648 // CNNVD: CNNVD-201610-753 // NVD: CVE-2016-6356

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6356
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6356
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10394
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201610-753
value:	HIGH
Trust: 0.6
VULHUB:	VHN-95176
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-6356
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-6356
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-10394
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95176
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6356
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-10394 // VULHUB: VHN-95176 // VULMON: CVE-2016-6356 // JVNDB: JVNDB-2016-005648 // CNNVD: CNNVD-201610-753 // NVD: CVE-2016-6356

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-95176 // JVNDB: JVNDB-2016-005648 // NVD: CVE-2016-6356

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-753

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201610-753

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005648

PATCH

title:	cisco-sa-20161026-esa3	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa3	Trust: 0.8
title:	Patch for CiscoAsyncOS Denial of Service Vulnerability (CNVD-2016-10394)	url:	https://www.cnvd.org.cn/patchInfo/show/83242	Trust: 0.6
title:	Cisco AsyncOS for Cisco Email Security Appliances Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65109	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/cisco-patches-critical-vulnerability-in-facility-events-response-system/121626/	Trust: 0.1

sources: CNVD: CNVD-2016-10394 // VULMON: CVE-2016-6356 // JVNDB: JVNDB-2016-005648 // CNNVD: CNNVD-201610-753

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6356	Trust: 3.5
db:	BID	id:	93907	Trust: 2.7
db:	SECTRACK	id:	1037122	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-005648	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-753	Trust: 0.7
db:	CNVD	id:	CNVD-2016-10394	Trust: 0.6
db:	VULHUB	id:	VHN-95176	Trust: 0.1
db:	VULMON	id:	CVE-2016-6356	Trust: 0.1

sources: CNVD: CNVD-2016-10394 // VULHUB: VHN-95176 // VULMON: CVE-2016-6356 // BID: 93907 // JVNDB: JVNDB-2016-005648 // CNNVD: CNNVD-201610-753 // NVD: CVE-2016-6356

REFERENCES

url:	http://www.securityfocus.com/bid/93907	Trust: 2.5
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161026-esa3	Trust: 2.1
url:	http://www.securitytracker.com/id/1037122	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6356	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6356	Trust: 0.8
url:	http://www.cisco.com/c/en/us/products/security/email-security-appliance/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-patches-critical-vulnerability-in-facility-events-response-system/121626/	Trust: 0.1

sources: CNVD: CNVD-2016-10394 // VULHUB: VHN-95176 // VULMON: CVE-2016-6356 // BID: 93907 // JVNDB: JVNDB-2016-005648 // CNNVD: CNNVD-201610-753 // NVD: CVE-2016-6356

CREDITS

Cisco

Trust: 0.9

sources: BID: 93907 // CNNVD: CNNVD-201610-753

SOURCES

db:	CNVD	id:	CNVD-2016-10394
db:	VULHUB	id:	VHN-95176
db:	VULMON	id:	CVE-2016-6356
db:	BID	id:	93907
db:	JVNDB	id:	JVNDB-2016-005648
db:	CNNVD	id:	CNNVD-201610-753
db:	NVD	id:	CVE-2016-6356

LAST UPDATE DATE

2024-11-23T21:42:44.376000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10394	date:	2016-10-31T00:00:00
db:	VULHUB	id:	VHN-95176	date:	2017-07-29T00:00:00
db:	VULMON	id:	CVE-2016-6356	date:	2017-07-29T00:00:00
db:	BID	id:	93907	date:	2016-11-24T07:03:00
db:	JVNDB	id:	JVNDB-2016-005648	date:	2016-11-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-753	date:	2016-10-31T00:00:00
db:	NVD	id:	CVE-2016-6356	date:	2024-11-21T02:55:58.163

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-10394	date:	2016-10-31T00:00:00
db:	VULHUB	id:	VHN-95176	date:	2016-10-28T00:00:00
db:	VULMON	id:	CVE-2016-6356	date:	2016-10-28T00:00:00
db:	BID	id:	93907	date:	2016-10-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-005648	date:	2016-11-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-753	date:	2016-10-28T00:00:00
db:	NVD	id:	CVE-2016-6356	date:	2016-10-28T10:59:06.587