Strix
26.1K

CVE-2016-6372

UnknownEPSS 1.63%

Last modified

CVE-2016-6372 is a vulnerability of currently unknown severity. A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. EPSS estimates a 1.63% chance of exploitation in the next 30 days.

Description

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA on both virtual and hardware appliances that are configured with message or content filters to scan incoming email attachments. More Information: CSCuy54740, CSCuy75174. Known Affected Releases: 9.7.1-066 9.5.0-575 WSA10.0.0-000. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.

Metrics

EPSS Probability
1.63%

73.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoEmail Security Appliance8.0.1-023
CiscoEmail Security Appliance8.0_base
CiscoEmail Security Appliance8.5.0-000
CiscoEmail Security Appliance8.5.0-er1-198
CiscoEmail Security Appliance8.5.6-052
CiscoEmail Security Appliance8.5.6-073
CiscoEmail Security Appliance8.5.6-074
CiscoEmail Security Appliance8.5.6-106
CiscoEmail Security Appliance8.5.6-113
CiscoEmail Security Appliance8.5.7-042
CiscoEmail Security Appliance8.6.0
CiscoEmail Security Appliance8.6.0-011
CiscoEmail Security Appliance8.9.0
CiscoEmail Security Appliance8.9.1-000
CiscoEmail Security Appliance8.9.2-032
CiscoEmail Security Appliance9.0.0
CiscoEmail Security Appliance9.0.0-212
CiscoEmail Security Appliance9.0.0-461
CiscoEmail Security Appliance9.0.5-000
CiscoEmail Security Appliance9.1.0
CiscoEmail Security Appliance9.1.0-011
CiscoEmail Security Appliance9.1.0-032
CiscoEmail Security Appliance9.1.0-101
CiscoEmail Security Appliance9.1.1-000
CiscoEmail Security Appliance9.4.0
CiscoEmail Security Appliance9.4.4-000
CiscoEmail Security Appliance9.5.0-000
CiscoEmail Security Appliance9.5.0-201
CiscoEmail Security Appliance9.6.0-000
CiscoEmail Security Appliance9.6.0-042
CiscoEmail Security Appliance9.6.0-051
CiscoEmail Security Appliance9.7.0-125
CiscoEmail Security Appliance9.7.1-066
CiscoEmail Security Appliance9.9.6-026
CiscoEmail Security Appliance9.9_base
CiscoWeb Security Appliance5.6.0-623
CiscoWeb Security Appliance6.0.0-000
CiscoWeb Security Appliance7.1.0
CiscoWeb Security Appliance7.1.1
CiscoWeb Security Appliance7.1.2
CiscoWeb Security Appliance7.1.3
CiscoWeb Security Appliance7.1.4
CiscoWeb Security Appliance7.5.0-000
CiscoWeb Security Appliance7.5.0-825
CiscoWeb Security Appliance7.5.1-000
CiscoWeb Security Appliance7.5.2-000
CiscoWeb Security Appliance7.5.2-hp2-303
CiscoWeb Security Appliance7.7.0-000
CiscoWeb Security Appliance7.7.0-608
CiscoWeb Security Appliance7.7.1-000

Showing 50 of 77 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2016-6372?
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA on both virtual and hardware appliances that are configured with message or content filters to scan incoming email attachments. More Information: CSCuy54740, CSCuy75174. Known Affected Releases: 9.7.1-066 9.5.0-575 WSA10.0.0-000. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.
How severe is CVE-2016-6372?
Severity scoring for CVE-2016-6372 is pending analysis. The EPSS model estimates a 1.63% probability of exploitation in the next 30 days.
How do I fix CVE-2016-6372?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-6372?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST