Main Vulnerability Database Vulnerabilities #VU1142

Security restrictions bypass in Cisco Email Security Appliance - CVE-2016-6458

Published: November 2, 2016 / Updated: April 5, 2018

Vulnerability identifier: #VU1142

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2016-6458

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco Email Security Appliance

Detailed vulnerability description

The vulnerability allows a remote unauthenticated user to bypass security controls on the target system.
The weakness is due to improper input validation. By sending an email message containing a specially crafted RAR archive, a remote attacker can bypass the configured email attachment content filters.
Successful exploitation of the vulnerability results in security bypass and access to data on the vulnerable system.

How to mitigate CVE-2016-6458

Install update from vendor's website.

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-esa

Security restrictions bypass in Cisco Email Security Appliance - CVE-2016-6458

Detailed vulnerability description

How to mitigate CVE-2016-6458

Sources

Please verify you're human