Lucene search
CiscoCVE-2015-6285HistorySep 14, 2015 - 1:59 a.m.
CVE-2015-6285
2015-09-1401:59:03
CWE-134
cisco
web.nvd.nist.gov
23
cisco
email security
esa
cve-2015-6285
format string vulnerability
denial of service
memory overwrite
service outage
bug id cscug21497
nvd
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.9
Confidence
High
EPSS
0.001
Percentile
48.5%
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497.
Affected configurations
Node
ciscoemail_security_applianceMatch7.6.0
ORciscoemail_security_applianceMatch8.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | email_security_appliance | 7.6.0 | cpe:2.3:h:cisco:email_security_appliance:7.6.0:*:*:*:*:*:*:* |
| cisco | email_security_appliance | 8.0.0 | cpe:2.3:h:cisco:email_security_appliance:8.0.0:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2015-6285
2015-09-14 01:59:03
cisco
cisco
Cisco Email Security Appliance Format String Vulnerability
2015-09-09 18:02:16
openvas
openvas
Cisco Email Security Appliance Format String Vulnerability
2015-09-11 00:00:00
prion
prion
Format string
2015-09-14 01:59:00
cvelist
cvelist
CVE-2015-6285
2015-09-14 01:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.9
Confidence
High
EPSS
0.001
Percentile
48.5%
Related for CVE-2015-6285