CVE-2016-6458 (GCVE-0-2016-6458)
Vulnerability from cvelistv5 – Published: 2016-11-19 02:45 – Updated: 2024-08-06 01:29
Summary
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to use a content filter for email attachments that are protected or encrypted. More Information: CSCva52546. Known Affected Releases: 10.0.0-125 9.7.1-066.
Severity ?
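No CVSS data is available in the CNA record. The NVD data embedded in the record below assigns a CVSS 3.0 base score of 7.5 (HIGH), vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N, and a CVSS 2.0 base score of 5.0 (MEDIUM).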
CWE
- unspecified in the CNA record (the NVD data embedded in the record below lists CWE-20)
Assigner
References
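| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1037182 | vdb-entry, x_refsource_SECTRACK |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/94074 | vdb-entry, x_refsource_BID |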
Impacted products
| Vendor | Product | Version |
|---|---|---|
| n/a | Cisco AsyncOS 10.0.0-125 and 9.7.1-066 | Affected: Cisco AsyncOS 10.0.0-125 and 9.7.1-066 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037182",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037182"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa"
},
{
"name": "94074",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco AsyncOS 10.0.0-125 and 9.7.1-066",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco AsyncOS 10.0.0-125 and 9.7.1-066"
}
]
}
],
"datePublic": "2016-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to use a content filter for email attachments that are protected or encrypted. More Information: CSCva52546. Known Affected Releases: 10.0.0-125 9.7.1-066."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1037182",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037182"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa"
},
{
"name": "94074",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94074"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AsyncOS 10.0.0-125 and 9.7.1-066",
"version": {
"version_data": [
{
"version_value": "Cisco AsyncOS 10.0.0-125 and 9.7.1-066"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to use a content filter for email attachments that are protected or encrypted. More Information: CSCva52546. Known Affected Releases: 10.0.0-125 9.7.1-066."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037182",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037182"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa"
},
{
"name": "94074",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94074"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6458",
"datePublished": "2016-11-19T02:45:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-6458\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-11-19T03:03:01.383\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to use a content filter for email attachments that are protected or encrypted. More Information: CSCva52546. Known Affected Releases: 10.0.0-125 9.7.1-066.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de filtrado de contenido de Software Cisco AsyncOS para Cisco Email Security Appliances podr\u00eda permitir a un atacante remoto no autenticado eludir los filtros de contenido configurados en un dispositivo afectado. El correo electr\u00f3nico que deber\u00eda haber sido filtrado podr\u00eda ser reenviado por el dispositivo. Esta vulnerabilidad afecta a todas las versiones anteriores a la primera versi\u00f3n solucionada del Software de Cisco AsyncOS para Cisco Email Security Appliances, tanto dispositivos virtual como hardware, si el software est\u00e1 configurado para utilizar un filtro de contenido para archivos adjuntos de correo electr\u00f3nico que son protegidos o cifrados. M\u00e1s informaci\u00f3n: CSCva52546. 
Lanzamientos conocidos afectados: 10.0.0-125 9.7.1-066.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.1-066:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F09AFAB-9F02-4B39-8117-BAA56A434289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2-046:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643A1573-29B5-4DD4-94D5-AF64ACCDFF11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2-047:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD833960-F2F6-4F48-BBA6-0FC77D3A1A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:9.7.2-054:*:*:*:*:*:*:*\",\
"matchCriteriaId\":\"CB717827-4F97-4697-A991-4522558BE51F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:9.9.6-026:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0958602-8C88-4E0E-8720-F4D7AB7692AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:9.9_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BED571D-4B55-4526-8055-0848F27F1ACC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-124:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61539DE3-591F-4CAA-889B-654037A07DC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:email_security_appliance_firmware:10.0.0-125:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C4E4BBD-F14C-4573-B771-FA0303A6220C\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/94074\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1037182\",\"source\":\"psirt@cisco.com\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1037182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.