cvedb.io
CVE-2016-6406
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2016-09-22T22:59:22.193 · Last modified 2026-06-17T00:50:58.523

Summary

Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017.

Affected products

cisco — email_security_appliance_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.