PT-2016-6844 · Cisco · Cisco Asyncos Software For Email Security Appliances+2
Published
2016-10-28
·
Updated
2017-07-29
·
CVE-2016-6360
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 through the first fixed release
Cisco AsyncOS Software for Web Security Appliances (WSA) versions prior to the first fixed release
Description
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting.
Recommendations
For Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 through the first fixed release, update to the first fixed release or later.
For Cisco AsyncOS Software for Web Security Appliances (WSA) versions prior to the first fixed release, update to the first fixed release or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Advanced Malware Protection
Cisco Asyncos Software For Email Security Appliances
Cisco Asyncos Software For Web Security Appliances