CVE-2016-6463

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS Software for Cisco Email Security Appliances versions prior to 10.0.0-203 Cisco AsyncOS Software for Cisco Email Security Appliances versions prior to 9.7.2-131

Description A vulnerability in the email filtering functionality could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters configured for an affected device, if the AMP feature is configured to scan incoming email attachments.

Recommendations For versions 10.0.0-082, 9.7.0-125, and 9.7.1-066, update to a fixed release, such as 10.0.0-203 or 9.7.2-131, to resolve the issue. As a temporary workaround, consider disabling the AMP feature for scanning incoming email attachments until a patch is available.