What is the severity of CVE-2016-1486?

CVE-2016-1486 has a severity rating of high due to its potential impact on email security by allowing attackers to disrupt scanning functionality.

How do I fix CVE-2016-1486?

To fix CVE-2016-1486, you should upgrade your Cisco Email Security Appliance firmware to a patched version that addresses this vulnerability.

Which Cisco Email Security Appliance versions are affected by CVE-2016-1486?

CVE-2016-1486 affects multiple versions, including 8.5.0-000, 8.5.6-052, 9.0.0-461, and others, so check the specific version installed.

Can CVE-2016-1486 be exploited remotely?

Yes, CVE-2016-1486 can be exploited by an unauthenticated remote attacker without needing physical access.

Vulnerability/
CVE-2016-1486

high

7.8

CWE

28/10/2016

5/8/2024

CVE-2016-1486

First published: Fri Oct 28 2016(Updated: )

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Products: This vulnerability affects Cisco AsyncOS Software releases 9.7.1 and later, prior to the first fixed release, for both virtual and hardware Cisco Email Security Appliances, if the AMP feature is configured to scan incoming email attachments. More Information: CSCuy99453. Known Affected Releases: 9.7.1-066. Known Fixed Releases: 10.0.0-125 9.7.1-207 9.7.2-047.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Email Security Appliance Firmware	=8.5.0-000
Cisco Email Security Appliance Firmware	=8.5.0-er1-198
Cisco Email Security Appliance Firmware	=8.5.6-052
Cisco Email Security Appliance Firmware	=8.5.6-073
Cisco Email Security Appliance Firmware	=8.5.6-074
Cisco Email Security Appliance Firmware	=8.5.6-106
Cisco Email Security Appliance Firmware	=8.5.6-113
Cisco Email Security Appliance Firmware	=8.5.7-042
Cisco Email Security Appliance Firmware	=8.6.0
Cisco Email Security Appliance Firmware	=8.6.0-011
Cisco Email Security Appliance Firmware	=8.9.0
Cisco Email Security Appliance Firmware	=8.9.1-000
Cisco Email Security Appliance Firmware	=8.9.2-032
Cisco Email Security Appliance Firmware	=9.0.0
Cisco Email Security Appliance Firmware	=9.0.0-212
Cisco Email Security Appliance Firmware	=9.0.0-461
Cisco Email Security Appliance Firmware	=9.0.5-000
Cisco Email Security Appliance Firmware	=9.1.0
Cisco Email Security Appliance Firmware	=9.1.0-011
Cisco Email Security Appliance Firmware	=9.1.0-032
Cisco Email Security Appliance Firmware	=9.1.0-101
Cisco Email Security Appliance Firmware	=9.1.1-000
Cisco Email Security Appliance Firmware	=9.4.0
Cisco Email Security Appliance Firmware	=9.4.4-000
Cisco Email Security Appliance Firmware	=9.5.0-000
Cisco Email Security Appliance Firmware	=9.5.0-201
Cisco Email Security Appliance Firmware	=9.6.0-000
Cisco Email Security Appliance Firmware	=9.6.0-042
Cisco Email Security Appliance Firmware	=9.6.0-051
Cisco Email Security Appliance Firmware	=9.7.0-125

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-1486?
CVE-2016-1486 has a severity rating of high due to its potential impact on email security by allowing attackers to disrupt scanning functionality.
How do I fix CVE-2016-1486?
To fix CVE-2016-1486, you should upgrade your Cisco Email Security Appliance firmware to a patched version that addresses this vulnerability.
Which Cisco Email Security Appliance versions are affected by CVE-2016-1486?
CVE-2016-1486 affects multiple versions, including 8.5.0-000, 8.5.6-052, 9.0.0-461, and others, so check the specific version installed.
Can CVE-2016-1486 be exploited remotely?
Yes, CVE-2016-1486 can be exploited by an unauthenticated remote attacker without needing physical access.
What is the impact of CVE-2016-1486 on email functionality?
CVE-2016-1486 can cause the affected device to stop scanning and forwarding email messages, compromising email security.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/references
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco email security appliance firmware
version/cisco email security appliance firmware/8.5.0-000
version/cisco email security appliance firmware/8.5.0-er1-198
version/cisco email security appliance firmware/8.5.6-052
version/cisco email security appliance firmware/8.5.6-073
version/cisco email security appliance firmware/8.5.6-074
version/cisco email security appliance firmware/8.5.6-106
version/cisco email security appliance firmware/8.5.6-113
version/cisco email security appliance firmware/8.5.7-042
version/cisco email security appliance firmware/8.6.0
version/cisco email security appliance firmware/8.6.0-011
version/cisco email security appliance firmware/8.9.0
version/cisco email security appliance firmware/8.9.1-000
version/cisco email security appliance firmware/8.9.2-032
version/cisco email security appliance firmware/9.0.0
version/cisco email security appliance firmware/9.0.0-212
version/cisco email security appliance firmware/9.0.0-461
version/cisco email security appliance firmware/9.0.5-000
version/cisco email security appliance firmware/9.1.0
version/cisco email security appliance firmware/9.1.0-011
version/cisco email security appliance firmware/9.1.0-032
version/cisco email security appliance firmware/9.1.0-101
version/cisco email security appliance firmware/9.1.1-000
version/cisco email security appliance firmware/9.4.0
version/cisco email security appliance firmware/9.4.4-000
version/cisco email security appliance firmware/9.5.0-000
version/cisco email security appliance firmware/9.5.0-201
version/cisco email security appliance firmware/9.6.0-000
version/cisco email security appliance firmware/9.6.0-042
version/cisco email security appliance firmware/9.6.0-051
version/cisco email security appliance firmware/9.7.0-125

CVE-2016-1486

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-1486?

How do I fix CVE-2016-1486?

Which Cisco Email Security Appliance versions are affected by CVE-2016-1486?

Can CVE-2016-1486 be exploited remotely?

What is the impact of CVE-2016-1486 on email functionality?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-1486?

How do I fix CVE-2016-1486?

Which Cisco Email Security Appliance versions are affected by CVE-2016-1486?

Can CVE-2016-1486 be exploited remotely?

What is the impact of CVE-2016-1486 on email functionality?