CVE-2016-6416

MEDIUM

Cisco Email, Web, and Content Security Appliances DoS via FTP Traffic Flood

Title source: llm
STIX 2.1

Description

The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036915
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93198
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036916
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036917

Scores

CVSS v3 5.9
EPSS 0.0202
EPSS Percentile 78.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-119
Status published
Products (21)
cisco/content_security_management_appliance 9.1.0
cisco/content_security_management_appliance 9.1.0-004
cisco/content_security_management_appliance 9.1.0-031
cisco/content_security_management_appliance 9.1.0-033
cisco/content_security_management_appliance 9.1.0-103
cisco/content_security_management_appliance 9.5.0
cisco/content_security_management_appliance 9.6.0
cisco/email_security_appliance 9.6.0-000
cisco/email_security_appliance 9.6.0-042
cisco/email_security_appliance 9.6.0-051
... and 11 more
Published Oct 05, 2016
Tracked Since Feb 18, 2026