HomePentest-Tools.com Logo

Cisco Email Security Appliance Format String Vulnerability CVE-2015-6285

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Cisco Email Security Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition on the affected device. Updates are not available.

Risk description

The vulnerability is due to improper validation of string input in the web application. An attacker could exploit this by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to impact the integrity and availability of services and data of the device including a partial DoS condition. An unauthenticated, remote attacker could exploit this vulnerability to cause a DoS condition or partial memory override on the affected device.

Recommendation

See the vendor advisory for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 14, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available