Email Security Appliance Vulnerability in Cisco Products
CVE-2016-6357
7.5HIGH
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 28 October 2016
What is CVE-2016-6357?
A vulnerability exists within the security policies of Cisco AsyncOS for the Email Security Appliance, which could allow an unauthorized remote attacker to circumvent an established drop filter. This is achieved by sending an email containing a specially crafted attachment that exploits the filtering mechanism. Affected systems running versions 10.0.9-015, 9.7.1-066, and 9.9.6-026 may be at risk of this exploitation, compromising the integrity of email filtering mechanisms.
Affected Version(s)
Cisco AsyncOS through 9.9.6-026 Cisco AsyncOS through 9.9.6-026