Denial of Service in Cisco Email Security Appliance Clustering
CVE-2015-4236

Currently unrated

Key Information:

Vendor: Cisco
Status: Email Security Appliance; Email Security Appliance Firmware
Vendor: CVE Published:; 10 July 2015

What is CVE-2015-4236?

A vulnerability exists in Cisco AsyncOS for Email Security Appliance devices when clustering is enabled. This flaw allows remote attackers to trigger a denial of service, resulting in a disruption of services such as clustering and SSH access, by sending a flood of packets. The issue is identified through Bug IDs CSCur13704 and CSCuq05636, indicating the potential for significant impact on device functionality and accessibility.

References

http://www.securitytracker.com/id/1032855

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/75703

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2015
Vulnerability Reserved
Jun 4, 2015