Vulnerability Details : CVE-2016-1480
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, if the software is configured with message or content filters to scan incoming email attachments. More Information: CSCuw03606, CSCux59734. Known Affected Releases: 8.0.0-000 8.5.6-106 9.0.0-000 9.1.0-032 9.6.0-042 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.1.1-038 9.7.1-066.
Products affected by CVE-2016-1480
- cpe:2.3:a:cisco:email_security_appliance:8.0_base:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-113:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-073:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-052:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.7-042:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-106:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.6-074:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.6.0-011:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.4.4-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.5.0-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.0-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.0.1-023:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.7.0-125:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:8.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.1.1-000:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_appliance:9.5.0-201:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1480
- 0.27%: Probability of exploitation activity in the next 30 days
- ~48%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1480
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | NIST | |
CWE ids for CVE-2016-1480
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1480
- http://www.securityfocus.com/bid/93914
  Cisco AsyncOS CVE-2016-1480 Remote Security Bypass Vulnerability
- http://www.securitytracker.com/id/1037117
  Cisco Web Security Appliance Lets Remote Users Bypass MIME Attachment Security Filters - SecurityTracker
- http://www.securitytracker.com/id/1037116
  Cisco Email Security Appliance Lets Remote Users Bypass MIME Attachment Security Filters - SecurityTracker
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esawsa1
  Cisco Email and Web Security Appliance Malformed MIME Header Vulnerability (Vendor Advisory)