VDB
CVE-2016-6416
CVE-2016-6416
PUBLISHED
CVSS 4.300000190734863 MEDIUM
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
EPSS 0.89% · 75.9th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.89%
75.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | content_security_management_appliance | 9.1.0-033, 9.1.0, 9.1.0-004 |
| n/a | n/a | n/a |
| cisco | email_security_appliance | 9.7.1-066, 9.6.0-000, 9.6.0-042 |
| cisco | web_security_appliance | 9.0.0-162, 9.5.0-444, 9.1.0-000 |
Exploit Intelligence
- 1036915 (circl)
- 93198 (circl)
- 1036916 (circl)
- 20160928 Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability (circl)
- 1036917 (circl)
Timeline
- Sep 28, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- http://www.securitytracker.com/id/1036915 technical
- 93198 vdb
- 1036916 vdb
- 20160928 Cisco AsyncOS File Transfer Protocol Denial of Service Vulnerability vendor-advisory
- 1036917 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2016-6416 advisory