CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
83.2%
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | content_security_management_appliance | 9.1.0 | cpe:2.3:a:cisco:content_security_management_appliance:9.1.0:*:*:*:*:*:*:* |
cisco | content_security_management_appliance | 9.1.0-004 | cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-004:*:*:*:*:*:*:* |
cisco | content_security_management_appliance | 9.1.0-031 | cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-031:*:*:*:*:*:*:* |
cisco | content_security_management_appliance | 9.1.0-033 | cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-033:*:*:*:*:*:*:* |
cisco | content_security_management_appliance | 9.1.0-103 | cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-103:*:*:*:*:*:*:* |
cisco | content_security_management_appliance | 9.5.0 | cpe:2.3:a:cisco:content_security_management_appliance:9.5.0:*:*:*:*:*:*:* |
cisco | content_security_management_appliance | 9.6.0 | cpe:2.3:a:cisco:content_security_management_appliance:9.6.0:*:*:*:*:*:*:* |
cisco | email_security_appliance | 9.6.0-000 | cpe:2.3:a:cisco:email_security_appliance:9.6.0-000:*:*:*:*:*:*:* |
cisco | email_security_appliance | 9.6.0-042 | cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:* |
cisco | email_security_appliance | 9.6.0-051 | cpe:2.3:a:cisco:email_security_appliance:9.6.0-051:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
83.2%