Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
445
VMScore

CVE-2016-6372

Published: 28/10/2016 Updated: 29/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Cisco

Vulnerability Summary

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote malicious user to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA on both virtual and hardware appliances that are configured with message or content filters to scan incoming email attachments. More Information: CSCuy54740, CSCuy75174. Known Affected Releases: 9.7.1-066 9.5.0-575 WSA10.0.0-000. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco web security appliance 9.1.0-000

cisco email security appliance 9.9_base

cisco email security appliance 8.9.1-000

cisco web security appliance 7.1.0

cisco email security appliance 9.6.0-051

cisco email security appliance 9.7.1-066

cisco web security appliance 8.5.2-024

cisco web security appliance 9.5.0-235

cisco email security appliance 9.0.0

cisco email security appliance 8.5.7-042

cisco email security appliance 8.5.0-000

cisco web security appliance 8.0.5 hot_patch_1

cisco email security appliance 8.0_base

cisco web security appliance 7.1.2

cisco email security appliance 9.1.0-032

cisco web security appliance 8.5.2-027

cisco web security appliance 7.1.1

cisco web security appliance 8.8.0-085

cisco web security appliance 8.0.7-142

cisco email security appliance 8.9.0

cisco email security appliance 9.7.0-125

cisco email security appliance 8.5.6-074

cisco web security appliance 8.0.5

cisco email security appliance 9.1.0-101

cisco email security appliance 9.0.0-461

cisco email security appliance 9.5.0-000

cisco web security appliance 9.1_base

cisco web security appliance 7.1.3

cisco web security appliance 8.0.6-119

cisco email security appliance 9.1.1-000

cisco web security appliance 9.5.0-444

cisco email security appliance 9.6.0-000

cisco web security appliance 5.6.0-623

cisco email security appliance 9.1.0

cisco email security appliance 9.4.0

cisco email security appliance 8.0.1-023

cisco email security appliance 8.6.0-011

cisco email security appliance 8.5.6-106

cisco web security appliance 8.0.0-000

cisco web security appliance 7.5.0-000

cisco email security appliance 9.5.0-201

cisco email security appliance 8.5.6-113

cisco web security appliance 6.0.0-000

cisco email security appliance 8.5.6-052

cisco web security appliance 7.7.0-608

cisco web security appliance 9.0_base

cisco web security appliance 7.7.1-000

cisco web security appliance 7.5.2-hp2-303

cisco web security appliance 7.7.0-000

cisco web security appliance 9.5.0-284

cisco email security appliance 9.6.0-042

cisco email security appliance 8.9.2-032

cisco web security appliance 7.5.1-000

cisco web security appliance 8.0.6-078

cisco web security appliance 9.0.0-193

cisco web security appliance 8.0.8-mr-113

cisco email security appliance 8.6.0

cisco web security appliance 7.1.4

cisco web security appliance 8.0.7

cisco web security appliance 8.0.6

cisco web security appliance 7.7.5-835

cisco web security appliance 8.5.0.000

cisco web security appliance 9.1.0-070

cisco email security appliance 8.5.0-er1-198

cisco email security appliance 9.9.6-026

cisco email security appliance 8.5.6-073

cisco email security appliance 9.0.0-212

cisco email security appliance 9.4.4-000

cisco web security appliance 9.5_base

cisco web security appliance 8.5.3-055

cisco web security appliance 7.5.0-825

cisco email security appliance 9.0.5-000

cisco web security appliance 8.8.0-000

cisco email security appliance 9.1.0-011

cisco web security appliance 7.5.2-000

cisco web security appliance 8.5.1-021

cisco web security appliance 8.5.0-497

References

CWE-20https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esawsa2http://www.securityfocus.com/bid/93911http://www.securitytracker.com/id/1037119http://www.securitytracker.com/id/1037118https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook