CVE-2015-6309

CWE-3994 documents4 sources

Severity

6.8MEDIUM

EPSS

0.3%

top 45.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Email Security Appliance Cisco Email Security Appliance Firmware

Timeline

PublishedOct 2

Latest updateMay 14

Description

Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 8.0 | Impact: 6.9

Affected Packages2 packages

▶NVDcisco/email_security_appliance9.6.0-042

▶NVDcisco/email_security_appliance_firmware8.5.6-106

🔴Vulnerability Details

GHSA

GHSA-52q5-573g-349h: Cisco Email Security Appliance (ESA) 8↗2022-05-14

▶

CVEList

CVE-2015-6309: Cisco Email Security Appliance (ESA) 8↗2015-10-02

▶

📋Vendor Advisories

Cisco

Cisco Email Security Appliance Max Files Denial of Service Vulnerability↗2015-09-30

▶