Vulnerability in Cisco Content_security_management_appliance

CVE-2015-6321

Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content S…

EPSS: 0.006 (68.5th percentile) — read the EPSS interpretation.

Affected products

Cisco Content_security_management_appliance — versions 7.8.0-328, 7.8.1-001, 7.9.0-201
Cisco Email_security_appliance — versions 7.6.1-000, 7.6.3-000, 7.7.0-000
Cisco Web_security_appliance — versions 5.6.0-623, 6.0.0-000, 7.5.0-000
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

20151104 Cisco AsyncOS TCP Flood Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1034060 (vdb-entry, x_refsource_SECTRACK)
1034061 (vdb-entry, x_refsource_SECTRACK)