NVD

Id
17894  
Name
CVE-2016-1486  
Description
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-01-19  
Published
2016-10-28  
Modified Date
2016-11-28  
Seq
2016-1486  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
97939 17894 CVE-2016-1486 93906  View
97940 17894 CVE-2016-1486 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa2  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
4874 JVNDB-2016-005647 Cisco ESA デバイス上で稼動する AsyncOS ソフトウェアの Advanced Malware Protection 機能におけるサービス運用妨害 (DoS) 脆弱性 Cisco E メール セキュリティ アプライアンス (ESA) デバイス上で稼動する AsyncOS ソフトウェアの Advanced Malware Protection (AMP) 機能には、サービス運用妨害 (DoS) 状態にされ、スキャニングおよび電子メールの転送を停止される脆弱性が存在します。 CVE-2016-1486 87992 CVE-2016-1486 17894 7.8 7.5 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005647.html 2016-10-26 2016-11-01 View