CVE-2016-6465

CWE-20Improper Input Validation4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 58.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Email Security Appliance
Timeline
PublishedDec 14
Latest updateMay 17

Description

A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for both virtual and hardware versions of the following Cisco products: Cisco Email Security Appliances (ESAs) that

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5cisco_asyncosCisco AsyncOS

🔴Vulnerability Details

2
GHSA
GHSA-wff9-q6wf-8f5q: A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances2022-05-17
CVEList
CVE-2016-6465: A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances2016-12-14

📋Vendor Advisories

1
Cisco
Cisco Email Security Appliance Content Filter Bypass Vulnerability2016-12-07
CVE-2016-6465 (MEDIUM CVSS 4.3) | A vulnerability in the content filt | cvebase.io