CVE-2015-4236

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS on Email Security Appliance (ESA) devices versions 8.5.6-073 through 8.5.6-074 Cisco AsyncOS on Email Security Appliance (ESA) devices version 9.0.0-461

Description The issue allows remote attackers to cause a denial of service, resulting in clustering and SSH outage, via a packet flood when clustering is enabled.

Recommendations For versions 8.5.6-073 and 8.5.6-074, consider disabling clustering as a temporary workaround until a patch is available. For version 9.0.0-461, consider restricting SSH access to minimize the risk of exploitation. As a general mitigation measure, implement rate limiting on incoming packets to prevent flooding.