CVE-2016-6356

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS Software for Cisco Email Security Appliances versions prior to 9.1.1-038 Cisco AsyncOS Software for Cisco Email Security Appliances versions prior to 9.7.2-047 Cisco AsyncOS Software for Cisco Email Security Appliances versions 8.5.7-042 Cisco AsyncOS Software for Cisco Email Security Appliances versions 9.7.0-125

Description A vulnerability in the email message filtering feature could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. This issue affects devices configured to apply a message filter or content filter to incoming email attachments, and it is not limited to any specific rules or actions for a message filter or content filter.

Recommendations For versions 8.5.7-042, update to version 9.1.1-038 or later. For versions 9.7.0-125, update to version 9.7.2-047 or later. As a temporary workaround, consider disabling the message filter or content filter feature for incoming email attachments until a patch is available.