How severe is CVE-2016-1480?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2016-1480?

This is classified as CWE-388, which is a common weakness in software security.

CVE-2016-1480

HIGH Year: 2016

CVSS v3 Score

7.5

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-388

View all →

Vulnerability Description

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco ESA and Cisco WSA, both virtual and hardware appliances, if the software is configured with message or content filters to scan incoming email attachments. More Information: CSCuw03606, CSCux59734. Known Affected Releases: 8.0.0-000 8.5.6-106 9.0.0-000 9.1.0-032 9.6.0-042 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.1.1-038 9.7.1-066.

CVE-2016-6357

HIGH

CVSS:7.5(High)

A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass...

CWE-3882016

CVE-2016-7991

HIGH

CVSS:7.5(High)

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and h...

CWE-3882016

CVE-2016-8745

HIGH

CVSS:7.5(High)

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted ...

CWE-3882016

CVE-2023-20227

HIGH

CVSS:7.5(High)

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected de...

CWE-3882023

CVE-2020-3512

HIGH

CVSS:7.4(High)

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a c...

CWE-3882020

CVE-2017-17564

HIGH

CVSS:7.8(High)

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counti...

CWE-3882017

CVE-2016-1480

Vulnerability Description

Related Vulnerabilities

CVE-2016-6357

CVE-2016-7991

CVE-2016-8745

CVE-2023-20227

CVE-2020-3512

CVE-2017-17564