Vulnerability in Cisco Email_security_appliance

CVE-2015-4236

Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka…

EPSS: 0.006 (70.0th percentile) — read the EPSS interpretation.

Affected products

Cisco Email_security_appliance — versions 8.5.6-074
Cisco Email_security_appliance_firmware — versions 8.5.6-073, 9.0.0-461
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

1032855 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
75703 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
20150710 Cisco AsyncOS for Cisco Email Security Appliance Cluster Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)