PT-2016-6844 · Cisco · Cisco Asyncos Software For Email Security Appliances+2

Publicado

2016-10-28

·

Atualizado

2017-07-29

·

CVE-2016-6360

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 through the first fixed release Cisco AsyncOS Software for Web Security Appliances (WSA) versions prior to the first fixed release
Description A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting.
Recommendations For Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 through the first fixed release, update to the first fixed release or later. For Cisco AsyncOS Software for Web Security Appliances (WSA) versions prior to the first fixed release, update to the first fixed release or later.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2016-6360

Produtos afetados

Advanced Malware Protection
Cisco Asyncos Software For Email Security Appliances
Cisco Asyncos Software For Web Security Appliances