Details of VAR-201602-0053

ID

VAR-201602-0053

CVE

CVE-2016-1315

TITLE

Cisco Advanced Malware Protection Vulnerability that bypasses content restrictions in the proxy engine

Trust: 0.8

sources: JVNDB: JVNDB-2016-001690

DESCRIPTION

The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID CSCux45338. Vendors have confirmed this vulnerability Bug ID CSCux45338 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlA third party may be able to bypass content restrictions via malformed email messages that contain encoded files. The solution supports access to the best global threat intelligence to strengthen network defenses and continuous analysis of file and data traffic to defend against front-line threats. Proxy engine is one of the proxy engine components. The following releases are affected: Cisco ESA Release 9.5.0-201, Release 9.6.0-051, Release 9.7.0-125

Trust: 1.71

sources: NVD: CVE-2016-1315 // JVNDB: JVNDB-2016-001690 // VULHUB: VHN-90134

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance firmeware	scope:	eq	version:	9.6.0-051	Trust: 1.6
vendor:	cisco	model:	email security appliance firmeware	scope:	eq	version:	9.7.0-125	Trust: 1.6
vendor:	cisco	model:	email security appliance firmeware	scope:	eq	version:	9.7.0-782	Trust: 1.6
vendor:	cisco	model:	email security appliance firmeware	scope:	eq	version:	9.1.0-032	Trust: 1.6
vendor:	cisco	model:	email security appliance firmeware	scope:	eq	version:	9.5.0-201	Trust: 1.6
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.5.0-201	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.6.0-051	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	eq	version:	9.7.0-125	Trust: 0.8

sources: JVNDB: JVNDB-2016-001690 // CNNVD: CNNVD-201602-247 // NVD: CVE-2016-1315

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1315
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1315
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201602-247
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-90134
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-1315
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-90134
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1315
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-90134 // JVNDB: JVNDB-2016-001690 // CNNVD: CNNVD-201602-247 // NVD: CVE-2016-1315

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-90134 // JVNDB: JVNDB-2016-001690 // NVD: CVE-2016-1315

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201602-247

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201602-247

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001690

PATCH

title:	cisco-sa-20160211-esaamp	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160211-esaamp	Trust: 0.8
title:	Cisco Advanced Malware Protection Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60189	Trust: 0.6

sources: JVNDB: JVNDB-2016-001690 // CNNVD: CNNVD-201602-247

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1315	Trust: 2.5
db:	SECTRACK	id:	1035008	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-001690	Trust: 0.8
db:	CNNVD	id:	CNNVD-201602-247	Trust: 0.7
db:	VULHUB	id:	VHN-90134	Trust: 0.1

sources: VULHUB: VHN-90134 // JVNDB: JVNDB-2016-001690 // CNNVD: CNNVD-201602-247 // NVD: CVE-2016-1315

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160211-esaamp	Trust: 1.7
url:	http://www.securitytracker.com/id/1035008	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1315	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1315	Trust: 0.8

sources: VULHUB: VHN-90134 // JVNDB: JVNDB-2016-001690 // CNNVD: CNNVD-201602-247 // NVD: CVE-2016-1315

SOURCES

db:	VULHUB	id:	VHN-90134
db:	JVNDB	id:	JVNDB-2016-001690
db:	CNNVD	id:	CNNVD-201602-247
db:	NVD	id:	CVE-2016-1315

LAST UPDATE DATE

2025-04-13T23:36:25.381000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-90134	date:	2017-10-13T00:00:00
db:	JVNDB	id:	JVNDB-2016-001690	date:	2016-03-14T00:00:00
db:	CNNVD	id:	CNNVD-201602-247	date:	2016-02-15T00:00:00
db:	NVD	id:	CVE-2016-1315	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-90134	date:	2016-02-12T00:00:00
db:	JVNDB	id:	JVNDB-2016-001690	date:	2016-03-14T00:00:00
db:	CNNVD	id:	CNNVD-201602-247	date:	2016-02-15T00:00:00
db:	NVD	id:	CVE-2016-1315	date:	2016-02-12T01:59:02.113