Details of VAR-201610-0318

ID

VAR-201610-0318

CVE

CVE-2016-6372

TITLE

Cisco AsyncOS for Email and Web Security Appliances Remote Security Bypass Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2016-10403 // BID: 93911

DESCRIPTION

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA on both virtual and hardware appliances that are configured with message or content filters to scan incoming email attachments. More Information: CSCuy54740, CSCuy75174. Known Affected Releases: 9.7.1-066 9.5.0-575 WSA10.0.0-000. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCuy54740 and CSCuy75174 It is released as.A third party could bypass the filtering function. Cisco AsyncOS for Email and Web Security Appliances are products of Cisco. CiscoAsyncOSforEmailSecurityAppliances is a set of operating systems used by Cisco Systems in the E-mail Security Appliance (ESA). Cisco Web Security Appliance (WSA) is a network security appliance. A remote security bypass vulnerability exists in CiscoAsyncOSforEmail and WebSecurityAppliances. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. This may aid in further attacks This issue is tracked by Cisco Bug IDs CSCuy54740 and CSCuy75174

Trust: 2.52

sources: NVD: CVE-2016-6372 // JVNDB: JVNDB-2016-005652 // CNVD: CNVD-2016-10403 // BID: 93911 // VULHUB: VHN-95192

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-10403

AFFECTED PRODUCTS

vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.6	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.7	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-074	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.7.5-835	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-106	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.0-125	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.1-000	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.5.0-000	Trust: 1.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.1.0	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.5.0-201	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-011	Trust: 1.0
vendor:	cisco	model:	web security appliance 8.0.5	scope:	eq	version:	hot_patch_1	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-052	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.1.3	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-032	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.5.2-027	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.5.2-024	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.7-142	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.7.1-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.1_base	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.5_base	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.5.3-055	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.5.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.6.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.6.0-011	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.9_base	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.5.1-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.8.0-085	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.1.0-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.5.2-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.5.0.000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.7.0-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.5.0-444	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.5.1-021	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.5.0-497	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.0.0-193	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.5	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.5-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.5.2-hp2-303	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.8.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0-212	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-042	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.8-mr-113	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-101	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	6.0.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.4.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.7-042	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.0-er1-198	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.4.4-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.0-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.0_base	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.0.1-023	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.5.0-235	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.5.0-284	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.9.6-026	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.2-032	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.1-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-073	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0-461	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.1-066	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-113	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	9.1.0-070	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.5.0-825	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.1.1	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.0-000	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.1.4	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.0_base	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.7.0-608	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-051	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	5.6.0-623	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.6-078	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	7.1.2	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	eq	version:	8.0.6-119	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	web security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	web security appliance	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-10403 // BID: 93911 // JVNDB: JVNDB-2016-005652 // CNNVD: CNNVD-201610-748 // NVD: CVE-2016-6372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6372
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6372
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10403
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201610-748
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95192
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6372
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-10403
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95192
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6372
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-10403 // VULHUB: VHN-95192 // JVNDB: JVNDB-2016-005652 // CNNVD: CNNVD-201610-748 // NVD: CVE-2016-6372

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-95192 // JVNDB: JVNDB-2016-005652 // NVD: CVE-2016-6372

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-748

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201610-748

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005652

PATCH

title:	cisco-sa-20161026-esawsa2	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esawsa2	Trust: 0.8
title:	CiscoAsyncOSforEmail and WebSecurityAppliances Remote Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/83295	Trust: 0.6
title:	Cisco AsyncOS for Cisco Email Security Appliances and Web Security Appliances Repair measures for security bypass vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65157	Trust: 0.6

sources: CNVD: CNVD-2016-10403 // JVNDB: JVNDB-2016-005652 // CNNVD: CNNVD-201610-748

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6372	Trust: 3.4
db:	BID	id:	93911	Trust: 2.6
db:	SECTRACK	id:	1037118	Trust: 1.1
db:	SECTRACK	id:	1037119	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-005652	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-748	Trust: 0.7
db:	CNVD	id:	CNVD-2016-10403	Trust: 0.6
db:	VULHUB	id:	VHN-95192	Trust: 0.1

sources: CNVD: CNVD-2016-10403 // VULHUB: VHN-95192 // BID: 93911 // JVNDB: JVNDB-2016-005652 // CNNVD: CNNVD-201610-748 // NVD: CVE-2016-6372

REFERENCES

url:	http://www.securityfocus.com/bid/93911	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161026-esawsa2	Trust: 2.0
url:	http://www.securitytracker.com/id/1037118	Trust: 1.1
url:	http://www.securitytracker.com/id/1037119	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6372	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6372	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-10403 // VULHUB: VHN-95192 // BID: 93911 // JVNDB: JVNDB-2016-005652 // CNNVD: CNNVD-201610-748 // NVD: CVE-2016-6372

CREDITS

Cisco

Trust: 0.9

sources: BID: 93911 // CNNVD: CNNVD-201610-748

SOURCES

db:	CNVD	id:	CNVD-2016-10403
db:	VULHUB	id:	VHN-95192
db:	BID	id:	93911
db:	JVNDB	id:	JVNDB-2016-005652
db:	CNNVD	id:	CNNVD-201610-748
db:	NVD	id:	CVE-2016-6372

LAST UPDATE DATE

2024-11-23T22:01:23.341000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10403	date:	2016-10-31T00:00:00
db:	VULHUB	id:	VHN-95192	date:	2017-07-29T00:00:00
db:	BID	id:	93911	date:	2016-11-24T01:10:00
db:	JVNDB	id:	JVNDB-2016-005652	date:	2016-11-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-748	date:	2016-10-31T00:00:00
db:	NVD	id:	CVE-2016-6372	date:	2024-11-21T02:56:00.140

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-10403	date:	2016-10-31T00:00:00
db:	VULHUB	id:	VHN-95192	date:	2016-10-28T00:00:00
db:	BID	id:	93911	date:	2016-10-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-005652	date:	2016-11-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-748	date:	2016-10-31T00:00:00
db:	NVD	id:	CVE-2016-6372	date:	2016-10-28T10:59:11.387