CVE-2016-6416
MEDIUMCisco Email, Web, and Content Security Appliances DoS via FTP Traffic Flood
Title source: llmDescription
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036915
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/93198
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036916
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aos
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036917
Scores
CVSS v3
5.9
EPSS
0.0202
EPSS Percentile
78.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
Status
published
Products (21)
cisco/content_security_management_appliance
9.1.0
cisco/content_security_management_appliance
9.1.0-004
cisco/content_security_management_appliance
9.1.0-031
cisco/content_security_management_appliance
9.1.0-033
cisco/content_security_management_appliance
9.1.0-103
cisco/content_security_management_appliance
9.5.0
cisco/content_security_management_appliance
9.6.0
cisco/email_security_appliance
9.6.0-000
cisco/email_security_appliance
9.6.0-042
cisco/email_security_appliance
9.6.0-051
... and 11 more
Published
Oct 05, 2016
Tracked Since
Feb 18, 2026