Details of VAR-201612-0159

ID

VAR-201612-0159

CVE

CVE-2016-6465

TITLE

Cisco E Email Security For appliance AsyncOS Vulnerability that bypasses the set user filter in the content filtering function of the software

Trust: 0.8

sources: JVNDB: JVNDB-2016-006305

DESCRIPTION

A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047. Vendors have confirmed this vulnerability Bug ID CSCva90076 , CSCvb06764 It is released as.A remote attacker may be able to bypass the configured user filter. CiscoEmailSecurityAppliance is a Cisco email security appliance. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCva90076. Note:The issue affects all the devices running Cisco AsyncOS Software. The vulnerability stems from the fact that the program cannot properly filter certain TAR format files

Trust: 2.52

sources: NVD: CVE-2016-6465 // JVNDB: JVNDB-2016-006305 // CNVD: CNVD-2016-12543 // BID: 94901 // VULHUB: VHN-95285

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-12543

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-232	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	8.5.7-042	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.2-047	Trust: 1.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-125	Trust: 1.6
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	10.0.0-125	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	10.0.0-232	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	8.5.7-042	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.7.2-047	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	email security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	-	Trust: 0.3

sources: CNVD: CNVD-2016-12543 // BID: 94901 // JVNDB: JVNDB-2016-006305 // CNNVD: CNNVD-201612-231 // NVD: CVE-2016-6465

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6465
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-6465
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-12543
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201612-231
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95285
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6465
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-12543
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95285
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6465
baseSeverity:	MEDIUM
baseScore:	4.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-12543 // VULHUB: VHN-95285 // JVNDB: JVNDB-2016-006305 // CNNVD: CNNVD-201612-231 // NVD: CVE-2016-6465

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-95285 // JVNDB: JVNDB-2016-006305 // NVD: CVE-2016-6465

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-231

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201612-231

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-006305

PATCH

title:	cisco-sa-20161207-esa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa	Trust: 0.8
title:	Patch for CiscoEmailSecurityAppliance Security Bypass Vulnerability (CNVD-2016-12543)	url:	https://www.cnvd.org.cn/patchInfo/show/86150	Trust: 0.6
title:	Cisco AsyncOS for Cisco Email Security Appliances Repair measures for security bypass vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66268	Trust: 0.6

sources: CNVD: CNVD-2016-12543 // JVNDB: JVNDB-2016-006305 // CNNVD: CNNVD-201612-231

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6465	Trust: 3.4
db:	BID	id:	94901	Trust: 1.4
db:	SECTRACK	id:	1037404	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-006305	Trust: 0.8
db:	CNVD	id:	CNVD-2016-12543	Trust: 0.6
db:	CNNVD	id:	CNNVD-201612-231	Trust: 0.6
db:	VULHUB	id:	VHN-95285	Trust: 0.1

sources: CNVD: CNVD-2016-12543 // VULHUB: VHN-95285 // BID: 94901 // JVNDB: JVNDB-2016-006305 // CNNVD: CNNVD-201612-231 // NVD: CVE-2016-6465

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161207-esa	Trust: 2.6
url:	http://www.securityfocus.com/bid/94901	Trust: 1.1
url:	http://www.securitytracker.com/id/1037404	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6465	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6465	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-12543 // VULHUB: VHN-95285 // BID: 94901 // JVNDB: JVNDB-2016-006305 // CNNVD: CNNVD-201612-231 // NVD: CVE-2016-6465

CREDITS

Cisco

Trust: 0.3

sources: BID: 94901

SOURCES

db:	CNVD	id:	CNVD-2016-12543
db:	VULHUB	id:	VHN-95285
db:	BID	id:	94901
db:	JVNDB	id:	JVNDB-2016-006305
db:	CNNVD	id:	CNNVD-201612-231
db:	NVD	id:	CVE-2016-6465

LAST UPDATE DATE

2024-11-23T23:05:34.234000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-12543	date:	2016-12-19T00:00:00
db:	VULHUB	id:	VHN-95285	date:	2017-01-05T00:00:00
db:	BID	id:	94901	date:	2016-12-20T01:09:00
db:	JVNDB	id:	JVNDB-2016-006305	date:	2016-12-20T00:00:00
db:	CNNVD	id:	CNNVD-201612-231	date:	2016-12-12T00:00:00
db:	NVD	id:	CVE-2016-6465	date:	2024-11-21T02:56:11.147

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-12543	date:	2016-12-19T00:00:00
db:	VULHUB	id:	VHN-95285	date:	2016-12-14T00:00:00
db:	BID	id:	94901	date:	2016-12-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-006305	date:	2016-12-20T00:00:00
db:	CNNVD	id:	CNNVD-201612-231	date:	2016-12-09T00:00:00
db:	NVD	id:	CVE-2016-6465	date:	2016-12-14T00:59:04.547