CVE-2016-6406
First published: Thu Sep 22 2016(Updated: )
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Email Security Appliance Firmware | =9.1.2-023 | |
| Cisco Email Security Appliance Firmware | =9.1.2-028 | |
| Cisco Email Security Appliance Firmware | =9.1.2-036 | |
| Cisco Email Security Appliance Firmware | =9.7.2-046 | |
| Cisco Email Security Appliance Firmware | =9.7.2-047 | |
| Cisco Email Security Appliance Firmware | =9.7.2-054 | |
| Cisco Email Security Appliance Firmware | =10.0.0-124 | |
| Cisco Email Security Appliance Firmware | =10.0.0-125 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco email security appliance firmware
- version/cisco email security appliance firmware/9.1.2-023
- version/cisco email security appliance firmware/9.1.2-028
- version/cisco email security appliance firmware/9.1.2-036
- version/cisco email security appliance firmware/9.7.2-046
- version/cisco email security appliance firmware/9.7.2-047
- version/cisco email security appliance firmware/9.7.2-054
- version/cisco email security appliance firmware/10.0.0-124
- version/cisco email security appliance firmware/10.0.0-125