Details of VAR-201611-0171

ID

VAR-201611-0171

CVE

CVE-2016-6462

TITLE

Cisco E Email Security For appliance AsyncOS Set in the email filtering function of AMP Vulnerabilities that bypass the filter

Trust: 0.8

sources: JVNDB: JVNDB-2016-005913

DESCRIPTION

A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCva13456. Known Affected Releases: 10.0.0-082 10.0.0-125 9.7.1-066. Known Fixed Releases: 10.0.0-203 9.7.2-131. The device provides spam protection, email encryption, and data loss prevention. CiscoEmailSecurityAppliance has a security bypass vulnerability that an attacker can use to bypass security restrictions and perform unauthorized operations. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCva13456

Trust: 2.52

sources: NVD: CVE-2016-6462 // JVNDB: JVNDB-2016-005913 // CNVD: CNVD-2016-11330 // BID: 94360 // VULHUB: VHN-95282

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-11330

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-125	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.1-06	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-082	Trust: 1.6
vendor:	cisco	model:	asyncos	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	10.0.0-082	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	10.0.0-125	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.7.1-066	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	-	Trust: 0.3

sources: CNVD: CNVD-2016-11330 // BID: 94360 // JVNDB: JVNDB-2016-005913 // CNNVD: CNNVD-201611-444 // NVD: CVE-2016-6462

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6462
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-6462
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-11330
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201611-444
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95282
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6462
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-11330
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95282
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6462
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-11330 // VULHUB: VHN-95282 // JVNDB: JVNDB-2016-005913 // CNNVD: CNNVD-201611-444 // NVD: CVE-2016-6462

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-95282 // JVNDB: JVNDB-2016-005913 // NVD: CVE-2016-6462

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-444

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201611-444

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005913

PATCH

title:	cisco-sa-20161116-esa1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-esa1	Trust: 0.8
title:	Patch for CiscoEmailSecurityAppliance Security Bypass Vulnerability (CNVD-2016-11330)	url:	https://www.cnvd.org.cn/patchInfo/show/84100	Trust: 0.6
title:	Cisco AsyncOS for Cisco Email Security Appliances Remote security bypass vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65783	Trust: 0.6

sources: CNVD: CNVD-2016-11330 // JVNDB: JVNDB-2016-005913 // CNNVD: CNNVD-201611-444

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6462	Trust: 3.4
db:	BID	id:	94360	Trust: 2.0
db:	SECTRACK	id:	1037307	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-005913	Trust: 0.8
db:	CNNVD	id:	CNNVD-201611-444	Trust: 0.7
db:	CNVD	id:	CNVD-2016-11330	Trust: 0.6
db:	VULHUB	id:	VHN-95282	Trust: 0.1

sources: CNVD: CNVD-2016-11330 // VULHUB: VHN-95282 // BID: 94360 // JVNDB: JVNDB-2016-005913 // CNNVD: CNNVD-201611-444 // NVD: CVE-2016-6462

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161116-esa1	Trust: 2.0
url:	http://www.securityfocus.com/bid/94360	Trust: 1.7
url:	http://www.securitytracker.com/id/1037307	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6462	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6462	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-11330 // VULHUB: VHN-95282 // BID: 94360 // JVNDB: JVNDB-2016-005913 // CNNVD: CNNVD-201611-444 // NVD: CVE-2016-6462

CREDITS

Cisco

Trust: 0.3

sources: BID: 94360

SOURCES

db:	CNVD	id:	CNVD-2016-11330
db:	VULHUB	id:	VHN-95282
db:	BID	id:	94360
db:	JVNDB	id:	JVNDB-2016-005913
db:	CNNVD	id:	CNNVD-201611-444
db:	NVD	id:	CVE-2016-6462

LAST UPDATE DATE

2024-11-23T23:02:32.652000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-11330	date:	2016-11-21T00:00:00
db:	VULHUB	id:	VHN-95282	date:	2017-07-28T00:00:00
db:	BID	id:	94360	date:	2016-11-24T01:11:00
db:	JVNDB	id:	JVNDB-2016-005913	date:	2016-11-24T00:00:00
db:	CNNVD	id:	CNNVD-201611-444	date:	2016-11-21T00:00:00
db:	NVD	id:	CVE-2016-6462	date:	2024-11-21T02:56:10.787

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-11330	date:	2016-11-21T00:00:00
db:	VULHUB	id:	VHN-95282	date:	2016-11-19T00:00:00
db:	BID	id:	94360	date:	2016-11-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-005913	date:	2016-11-24T00:00:00
db:	CNNVD	id:	CNNVD-201611-444	date:	2016-11-21T00:00:00
db:	NVD	id:	CVE-2016-6462	date:	2016-11-19T03:03:05.587