Details of VAR-201610-0343

ID

VAR-201610-0343

CVE

CVE-2016-1486

TITLE

Cisco ESA Run on device AsyncOS Software Advanced Malware Protection Service disruption in functionality (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-005647

DESCRIPTION

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCuy99453 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlService disruption by a third party (DoS) Status and scanning and email forwarding will be stopped There is a possibility. The Cisco AsyncOS operating system is designed to enhance the security and performance of Cisco Email Security appliances. A remote denial of service vulnerability exists in Cisco AsyncOS 9.7.1 and later, which is exploited by an unauthenticated remote attacker to cause a denial of service. An attacker can exploit this issue to cause a denial-of-service condition. Cisco AsyncOS Software versions 9.7.1 and later are affected

Trust: 2.61

sources: NVD: CVE-2016-1486 // JVNDB: JVNDB-2016-005647 // CNVD: CNVD-2016-10395 // BID: 93906 // VULHUB: VHN-90305 // VULMON: CVE-2016-1486

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-10395

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0-212	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-052	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.0-125	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.1-000	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.7-042	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-051	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.6.0-011	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-073	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-011	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-032	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.1-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.4.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-074	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-106	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.0-er1-198	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.6-113	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.6.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.4.4-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.5.0-201	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.5-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.2-032	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.9.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.6.0-042	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.5.0-000	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.0.0-461	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.0-101	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asyncos software	scope:	gte	version:	9.7.1	Trust: 0.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	eq	version:	10.0	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	ne	version:	9.7.2-047	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	ne	version:	9.7.1-207	Trust: 0.3
vendor:	cisco	model:	asyncos software	scope:	ne	version:	10.0.0-125	Trust: 0.3

sources: CNVD: CNVD-2016-10395 // BID: 93906 // JVNDB: JVNDB-2016-005647 // CNNVD: CNNVD-201610-749 // NVD: CVE-2016-1486

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1486
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1486
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10395
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201610-749
value:	HIGH
Trust: 0.6
VULHUB:	VHN-90305
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-1486
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-1486
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-10395
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-90305
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1486
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-10395 // VULHUB: VHN-90305 // VULMON: CVE-2016-1486 // JVNDB: JVNDB-2016-005647 // CNNVD: CNNVD-201610-749 // NVD: CVE-2016-1486

PROBLEMTYPE DATA

problemtype:	CWE-19	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-90305 // JVNDB: JVNDB-2016-005647 // NVD: CVE-2016-1486

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-749

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201610-749

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005647

PATCH

title:	cisco-sa-20161026-esa2	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2	Trust: 0.8
title:	Patch for CiscoAsyncOS Denial of Service Vulnerability (CNVD-2016-10395)	url:	https://www.cnvd.org.cn/patchInfo/show/83241	Trust: 0.6
title:	Cisco AsyncOS for Cisco Email Security Appliances Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65105	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/cisco-patches-critical-vulnerability-in-facility-events-response-system/121626/	Trust: 0.1

sources: CNVD: CNVD-2016-10395 // VULMON: CVE-2016-1486 // JVNDB: JVNDB-2016-005647 // CNNVD: CNNVD-201610-749

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1486	Trust: 3.5
db:	BID	id:	93906	Trust: 2.7
db:	SECTRACK	id:	1037124	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-005647	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-749	Trust: 0.7
db:	CNVD	id:	CNVD-2016-10395	Trust: 0.6
db:	VULHUB	id:	VHN-90305	Trust: 0.1
db:	VULMON	id:	CVE-2016-1486	Trust: 0.1

sources: CNVD: CNVD-2016-10395 // VULHUB: VHN-90305 // VULMON: CVE-2016-1486 // BID: 93906 // JVNDB: JVNDB-2016-005647 // CNNVD: CNNVD-201610-749 // NVD: CVE-2016-1486

REFERENCES

url:	http://www.securityfocus.com/bid/93906	Trust: 2.5
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161026-esa2	Trust: 2.1
url:	http://www.securitytracker.com/id/1037124	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1486	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1486	Trust: 0.8
url:	http://www.cisco.com/c/en/us/products/security/email-security-appliance/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/19.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-patches-critical-vulnerability-in-facility-events-response-system/121626/	Trust: 0.1

sources: CNVD: CNVD-2016-10395 // VULHUB: VHN-90305 // VULMON: CVE-2016-1486 // BID: 93906 // JVNDB: JVNDB-2016-005647 // CNNVD: CNNVD-201610-749 // NVD: CVE-2016-1486

CREDITS

Cisco

Trust: 0.9

sources: BID: 93906 // CNNVD: CNNVD-201610-749

SOURCES

db:	CNVD	id:	CNVD-2016-10395
db:	VULHUB	id:	VHN-90305
db:	VULMON	id:	CVE-2016-1486
db:	BID	id:	93906
db:	JVNDB	id:	JVNDB-2016-005647
db:	CNNVD	id:	CNNVD-201610-749
db:	NVD	id:	CVE-2016-1486

LAST UPDATE DATE

2024-11-23T22:59:27.299000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10395	date:	2016-10-31T00:00:00
db:	VULHUB	id:	VHN-90305	date:	2017-07-29T00:00:00
db:	VULMON	id:	CVE-2016-1486	date:	2017-07-29T00:00:00
db:	BID	id:	93906	date:	2016-11-24T00:04:00
db:	JVNDB	id:	JVNDB-2016-005647	date:	2016-11-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-749	date:	2016-10-31T00:00:00
db:	NVD	id:	CVE-2016-1486	date:	2024-11-21T02:46:31.923

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-10395	date:	2016-10-31T00:00:00
db:	VULHUB	id:	VHN-90305	date:	2016-10-28T00:00:00
db:	VULMON	id:	CVE-2016-1486	date:	2016-10-28T00:00:00
db:	BID	id:	93906	date:	2016-10-26T00:00:00
db:	JVNDB	id:	JVNDB-2016-005647	date:	2016-11-01T00:00:00
db:	CNNVD	id:	CNNVD-201610-749	date:	2016-10-28T00:00:00
db:	NVD	id:	CVE-2016-1486	date:	2016-10-28T10:59:05.197