What is the severity of CVE-2016-1480?

CVE-2016-1480 has a medium severity rating, indicating that it poses a moderate risk to affected systems.

How do I fix CVE-2016-1480?

To fix CVE-2016-1480, upgrade the Cisco Email Security Appliance firmware to a version that addresses this vulnerability.

What products are affected by CVE-2016-1480?

CVE-2016-1480 affects multiple versions of Cisco Email Security Appliances and Web Security Appliances running specific versions of AsyncOS.

Can CVE-2016-1480 be exploited remotely?

Yes, CVE-2016-1480 can be exploited by an unauthenticated remote attacker to bypass user filters.

Is there a workaround for CVE-2016-1480?

Currently, the recommended action for CVE-2016-1480 is to upgrade the affected Cisco appliances to the latest firmware.

Vulnerability/
CVE-2016-1480

high

7.5

CWE

388

28/10/2016

5/8/2024

CVE-2016-1480

First published: Fri Oct 28 2016(Updated: )

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, if the software is configured with message or content filters to scan incoming email attachments. More Information: CSCuw03606, CSCux59734. Known Affected Releases: 8.0.0-000 8.5.6-106 9.0.0-000 9.1.0-032 9.6.0-042 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.1.1-038 9.7.1-066.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Email Security Appliance Firmware	=8.0.1-023
Cisco Email Security Appliance Firmware	=8.0_base
Cisco Email Security Appliance Firmware	=8.5.0-000
Cisco Email Security Appliance Firmware	=8.5.0-er1-198
Cisco Email Security Appliance Firmware	=8.5.6-052
Cisco Email Security Appliance Firmware	=8.5.6-073
Cisco Email Security Appliance Firmware	=8.5.6-074
Cisco Email Security Appliance Firmware	=8.5.6-106
Cisco Email Security Appliance Firmware	=8.5.6-113
Cisco Email Security Appliance Firmware	=8.5.7-042
Cisco Email Security Appliance Firmware	=8.6.0
Cisco Email Security Appliance Firmware	=8.6.0-011
Cisco Email Security Appliance Firmware	=8.9.0
Cisco Email Security Appliance Firmware	=8.9.1-000
Cisco Email Security Appliance Firmware	=8.9.2-032
Cisco Email Security Appliance Firmware	=9.0.0
Cisco Email Security Appliance Firmware	=9.0.0-212
Cisco Email Security Appliance Firmware	=9.0.0-461
Cisco Email Security Appliance Firmware	=9.0.5-000
Cisco Email Security Appliance Firmware	=9.1.0
Cisco Email Security Appliance Firmware	=9.1.0-011
Cisco Email Security Appliance Firmware	=9.1.0-032
Cisco Email Security Appliance Firmware	=9.1.0-101
Cisco Email Security Appliance Firmware	=9.1.1-000
Cisco Email Security Appliance Firmware	=9.4.0
Cisco Email Security Appliance Firmware	=9.4.4-000
Cisco Email Security Appliance Firmware	=9.5.0-000
Cisco Email Security Appliance Firmware	=9.5.0-201
Cisco Email Security Appliance Firmware	=9.6.0-000
Cisco Email Security Appliance Firmware	=9.6.0-042
Cisco Email Security Appliance Firmware	=9.7.0-125

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-1480?
CVE-2016-1480 has a medium severity rating, indicating that it poses a moderate risk to affected systems.
How do I fix CVE-2016-1480?
To fix CVE-2016-1480, upgrade the Cisco Email Security Appliance firmware to a version that addresses this vulnerability.
What products are affected by CVE-2016-1480?
CVE-2016-1480 affects multiple versions of Cisco Email Security Appliances and Web Security Appliances running specific versions of AsyncOS.
Can CVE-2016-1480 be exploited remotely?
Yes, CVE-2016-1480 can be exploited by an unauthenticated remote attacker to bypass user filters.
Is there a workaround for CVE-2016-1480?
Currently, the recommended action for CVE-2016-1480 is to upgrade the affected Cisco appliances to the latest firmware.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco email security appliance firmware
version/cisco email security appliance firmware/8.0.1-023
version/cisco email security appliance firmware/8.0_base
version/cisco email security appliance firmware/8.5.0-000
version/cisco email security appliance firmware/8.5.0-er1-198
version/cisco email security appliance firmware/8.5.6-052
version/cisco email security appliance firmware/8.5.6-073
version/cisco email security appliance firmware/8.5.6-074
version/cisco email security appliance firmware/8.5.6-106
version/cisco email security appliance firmware/8.5.6-113
version/cisco email security appliance firmware/8.5.7-042
version/cisco email security appliance firmware/8.6.0
version/cisco email security appliance firmware/8.6.0-011
version/cisco email security appliance firmware/8.9.0
version/cisco email security appliance firmware/8.9.1-000
version/cisco email security appliance firmware/8.9.2-032
version/cisco email security appliance firmware/9.0.0
version/cisco email security appliance firmware/9.0.0-212
version/cisco email security appliance firmware/9.0.0-461
version/cisco email security appliance firmware/9.0.5-000
version/cisco email security appliance firmware/9.1.0
version/cisco email security appliance firmware/9.1.0-011
version/cisco email security appliance firmware/9.1.0-032
version/cisco email security appliance firmware/9.1.0-101
version/cisco email security appliance firmware/9.1.1-000
version/cisco email security appliance firmware/9.4.0
version/cisco email security appliance firmware/9.4.4-000
version/cisco email security appliance firmware/9.5.0-000
version/cisco email security appliance firmware/9.5.0-201
version/cisco email security appliance firmware/9.6.0-000
version/cisco email security appliance firmware/9.6.0-042
version/cisco email security appliance firmware/9.7.0-125

CVE-2016-1480

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-1480?

How do I fix CVE-2016-1480?

What products are affected by CVE-2016-1480?

Can CVE-2016-1480 be exploited remotely?

Is there a workaround for CVE-2016-1480?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-1480?

How do I fix CVE-2016-1480?

What products are affected by CVE-2016-1480?

Can CVE-2016-1480 be exploited remotely?

Is there a workaround for CVE-2016-1480?