What is the severity of CVE-2015-6291?

CVE-2015-6291 has a High severity rating due to its potential impact on Cisco Email Security Appliance devices.

How do I fix CVE-2015-6291?

To fix CVE-2015-6291, upgrade your Cisco Email Security Appliance to a version that includes the patch, specifically 8.5.7-043, 9.1.1-023, or later.

What versions are affected by CVE-2015-6291?

CVE-2015-6291 affects Cisco Email Security Appliance versions prior to 8.5.7-043, 9.1.1-023, and 9.6.0-046.

What happens if I don't address CVE-2015-6291?

Failing to address CVE-2015-6291 could lead to potential unauthorized access or exploitation of the Email Security Appliance.

How can I verify if my Cisco Email Security Appliance is vulnerable to CVE-2015-6291?

You can verify vulnerability to CVE-2015-6291 by checking the firmware version of your Cisco Email Security Appliance against the affected versions.

Vulnerability/
CVE-2015-6291

high

7.8

CWE

6/11/2015

6/8/2024

CVE-2015-6291: Input Validation

First published: Fri Nov 06 2015(Updated: )

Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and attachment-dictionary-match filtering, which allows remote attackers to cause a denial of service (memory consumption) via a crafted attachment in an e-mail message, aka Bug ID CSCuv47151.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Email Security Appliance Firmware	=7.7.0-000
Cisco Email Security Appliance Firmware	=7.7.1-000
Cisco Email Security Appliance Firmware	=8.0_base
Cisco Email Security Appliance Firmware	=8.5.6-052
Cisco Email Security Appliance Firmware	=8.5.6-073
Cisco Email Security Appliance Firmware	=8.5.6-074
Cisco Email Security Appliance Firmware	=8.5.6-106
Cisco Email Security Appliance Firmware	=8.5.6-113
Cisco Email Security Appliance Firmware	=8.5.7-042
Cisco Email Security Appliance Firmware	=8.5_base
Cisco Email Security Appliance Firmware	=9.0.0
Cisco Email Security Appliance Firmware	=9.0.0-212
Cisco Email Security Appliance Firmware	=9.0.0-461
Cisco Email Security Appliance Firmware	=9.0.5-000
Cisco Email Security Appliance Firmware	=9.1.0-032
Cisco Email Security Appliance Firmware	=9.6.0-042

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-6291?
CVE-2015-6291 has a High severity rating due to its potential impact on Cisco Email Security Appliance devices.
How do I fix CVE-2015-6291?
To fix CVE-2015-6291, upgrade your Cisco Email Security Appliance to a version that includes the patch, specifically 8.5.7-043, 9.1.1-023, or later.
What versions are affected by CVE-2015-6291?
CVE-2015-6291 affects Cisco Email Security Appliance versions prior to 8.5.7-043, 9.1.1-023, and 9.6.0-046.
What happens if I don't address CVE-2015-6291?
Failing to address CVE-2015-6291 could lead to potential unauthorized access or exploitation of the Email Security Appliance.
How can I verify if my Cisco Email Security Appliance is vulnerable to CVE-2015-6291?
You can verify vulnerability to CVE-2015-6291 by checking the firmware version of your Cisco Email Security Appliance against the affected versions.

agent/references
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/event
agent/first-publish-date
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco email security appliance firmware
version/cisco email security appliance firmware/7.7.0-000
version/cisco email security appliance firmware/7.7.1-000
version/cisco email security appliance firmware/8.0_base
version/cisco email security appliance firmware/8.5.6-052
version/cisco email security appliance firmware/8.5.6-073
version/cisco email security appliance firmware/8.5.6-074
version/cisco email security appliance firmware/8.5.6-106
version/cisco email security appliance firmware/8.5.6-113
version/cisco email security appliance firmware/8.5.7-042
version/cisco email security appliance firmware/8.5_base
version/cisco email security appliance firmware/9.0.0
version/cisco email security appliance firmware/9.0.0-212
version/cisco email security appliance firmware/9.0.0-461
version/cisco email security appliance firmware/9.0.5-000
version/cisco email security appliance firmware/9.1.0-032
version/cisco email security appliance firmware/9.6.0-042

Frequently Asked Questions

What is the severity of CVE-2015-6291?
CVE-2015-6291 has a High severity rating due to its potential impact on Cisco Email Security Appliance devices.
How do I fix CVE-2015-6291?
To fix CVE-2015-6291, upgrade your Cisco Email Security Appliance to a version that includes the patch, specifically 8.5.7-043, 9.1.1-023, or later.
What versions are affected by CVE-2015-6291?
CVE-2015-6291 affects Cisco Email Security Appliance versions prior to 8.5.7-043, 9.1.1-023, and 9.6.0-046.
What happens if I don't address CVE-2015-6291?
Failing to address CVE-2015-6291 could lead to potential unauthorized access or exploitation of the Email Security Appliance.
How can I verify if my Cisco Email Security Appliance is vulnerable to CVE-2015-6291?
You can verify vulnerability to CVE-2015-6291 by checking the firmware version of your Cisco Email Security Appliance against the affected versions.

CVE-2015-6291: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-6291?

How do I fix CVE-2015-6291?

What versions are affected by CVE-2015-6291?

What happens if I don't address CVE-2015-6291?

How can I verify if my Cisco Email Security Appliance is vulnerable to CVE-2015-6291?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-6291?

How do I fix CVE-2015-6291?

What versions are affected by CVE-2015-6291?

What happens if I don't address CVE-2015-6291?

How can I verify if my Cisco Email Security Appliance is vulnerable to CVE-2015-6291?