CVE-2016-6465

A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047.

CVSS v3 4.3 MEDIUM
CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/94901	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037404	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:::::::*
	cpe:2.3:a:cisco:email_security_appliance:9.7.2-047:::::::*
	cpe:2.3:a:cisco:email_security_appliance:10.0.0-125:::::::*
	cpe:2.3:a:cisco:email_security_appliance:10.0.0-232:::::::*

History

No history.

Information

Published : 2016-12-14 00:59

Updated : 2024-02-04 19:11

NVD link : CVE-2016-6465

Mitre link : CVE-2016-6465

CVE.ORG link : CVE-2016-6465

JSON object : View

Products Affected

cisco

email_security_appliance

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2016-6465", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2016-12-14T00:59:04.547", "references": [{"url": "http://www.securityfocus.com/bid/94901", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1037404", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that are configured to use message or content filters that scan incoming email attachments; Cisco Web Security Appliances (WSAs) that are configured to use services that scan accessed web content. More Information: CSCva90076, CSCvb06764. Known Affected Releases: 10.0.0-125 8.5.7-042 9.7.2-047."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad de filtro de contenido de Cisco AsyncOS Software para Cisco Email Security Appliances y Cisco Web Security Appliances puede permitir a un atacante remoto no autenticado eludir los filtros de usuario que est\u00e1n configurados para el dispositivo afectado. Productos Afectados: Esta vulnerabilidad afecta a todos los lanzamientos previos al primer lanzamiento reparado de Cisco AsyncOS Software tanto para versi\u00f3n virtual como para versi\u00f3n hardware de los siguientes productos Cisco: Cisco Email Security Appliances (ESAs) que est\u00e1 configurado para utilizar filtros de mensaje o contenido que escanean los archivos adjuntos en correos electr\u00f3nicos entrantes; Cisco Web Security Appliances (WSAs) que est\u00e1 configurado para utilizar servicios que escanean el contenido web al que se ha accedido. M\u00e1s informaci\u00f3n: CSCva90076, CSCvb06764. Lanzamientos Afectados Conocidos: 10.0.0-125 8.5.7-042 9.7.2-047."}], "lastModified": "2017-01-05T13:41:25.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46895808-4225-42FB-BA8B-12ADFADAB4AA"}, {"criteria": "cpe:2.3:a:cisco:email_security_appliance:9.7.2-047:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4ED5BEF-5F3F-42D6-A953-B12FC9028EB2"}, {"criteria": "cpe:2.3:a:cisco:email_security_appliance:10.0.0-125:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D820CC4-74BA-4B67-872D-78ED8BF59D31"}, {"criteria": "cpe:2.3:a:cisco:email_security_appliance:10.0.0-232:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "873FD131-3E10-4951-ADDC-4756FEC0CEE8"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}