Cisco Email Security Appliance Internal Testing Interface Vulnerability

Last Update Date: 5 Oct 2016 Release Date: 23 Sep 2016 3601 Views

RISK: High Risk

TYPE: Security software and application - Security Software & Appliance

A vulnerability was identified in Cisco Email Security Appliance, which could allow a remote attacker to obtain elevation of privilege on the target system.

Impact

Elevation of Privilege

System / Technologies affected

9.1.2-028
9.1.2-023
9.1.2-036
9.7.2-046
9.7.2-047
9.7-2-054
10.0.0-124
10.0.0-125

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

For AsyncOS ESA Major Release 9.1.2: Update to version 9.1.2-041
For AsyncOS ESA Major Release 9.7.2: Update to version 9.7.2-065
For AsyncOS ESA Major Release 10.0.0: Update to version 10.0.0-203 [Updated on 4-10-2016]
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160922-esa

Vulnerability Identifier

CVE-2016-6406

Source

SecurityTracker