CVE-2016-6372

HIGH

Cisco Email Security Appliance - Unauthenticated Filter Bypass via Malformed MIME Headers

Title source: llm
STIX 2.1

Description

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should have been quarantined could instead be processed. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA on both virtual and hardware appliances that are configured with message or content filters to scan incoming email attachments. More Information: CSCuy54740, CSCuy75174. Known Affected Releases: 9.7.1-066 9.5.0-575 WSA10.0.0-000. Known Fixed Releases: 10.0.0-125 9.1.1-038 9.7.2-047.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93911
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037118
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037119

Scores

CVSS v3 7.5
EPSS 0.0163
EPSS Percentile 73.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-20
Status published
Products (50)
cisco/email_security_appliance 8.0.1-023
cisco/email_security_appliance 8.0_base
cisco/email_security_appliance 8.5.0-000
cisco/email_security_appliance 8.5.0-er1-198
cisco/email_security_appliance 8.5.6-052
cisco/email_security_appliance 8.5.6-073
cisco/email_security_appliance 8.5.6-074
cisco/email_security_appliance 8.5.6-106
cisco/email_security_appliance 8.5.6-113
cisco/email_security_appliance 8.5.7-042
... and 40 more
Published Oct 28, 2016
Tracked Since Feb 18, 2026