VDB
CVE-2016-1411
CVE-2016-1411
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. More Information: CSCul88715, CSCul94617, CSCul94627. Known Affected Releases: 7.5.2-201 7.6.3-025 8.0.1-023 8.5.0-000 8.5.0-ER1-198 7.5.2-HP2-303 7.7.0-608 7.7.5-835 8.5.1-021 8.8.0-000 7.9.1-102 8.0.0-404 8.1.1-013 8.2.0-222. Known Fixed Releases: 8.0.2-069 8.0.2-074 8.5.7-042 9.1.0-032 8.5.2-027 9.6.1-019.
EPSS 0.22% · 45.2th percentile
Risk Scores
CVSS 3.0
5.900000095367432
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
0.22%
45.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | content_security_management_appliance | 9.1.0, 9.1.0-031, 9.1.0-004 |
| cisco | email_security_appliance | 8.5.0-000, 8.0.1-023, 8.5.0-er1-198 |
| cisco | web_security_appliance | 7.7.5-835, 7.7.0-608, 8.8.0-000 |
| n/a | Cisco AsyncOS | Cisco AsyncOS |
Exploit Intelligence
Timeline
- Dec 7, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score