Medium severity (CVSS 6.1) · NVD Advisory · Published Oct 28, 2016 · Updated May 6, 2026

CVE-2016-1423

Description

A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack. More Information: CSCuz02235. Known Affected Releases: 8.0.2-069. Known Fixed Releases: 9.1.1-038, 9.7.2-047.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cisco ESA AsyncOS MIQ view fails to sanitize HTML in quarantined emails, enabling XSS via crafted messages.

Vulnerability

The vulnerability resides in the Messages in Quarantine (MIQ) view of Cisco AsyncOS for Cisco Email Security Appliance (ESA). The software fails to properly sanitize HTML script tags in quarantined email messages, allowing an attacker to inject malicious content. Affected versions include release 8.0.2-069 and all prior releases. Fixed versions are 9.1.1-038 and 9.7.2-047 [1].

Exploitation

An unauthenticated, remote attacker can exploit this vulnerability by sending a crafted email message containing malformed HTML script tags to the affected ESA. When an administrator or user views the quarantined message in the MIQ view, the malicious script executes, potentially tricking the user into clicking a crafted link. No authentication or special network position is required beyond the ability to send email to the appliance [1].

Impact

Successful exploitation allows the attacker to perform cross-site scripting (XSS) or HTML injection attacks within the MIQ view. This could lead to session hijacking, defacement, or redirection to malicious sites, compromising the confidentiality and integrity of the user's interaction with the appliance [1].

Mitigation

Cisco has released software updates to address this vulnerability: versions 9.1.1-038 and 9.7.2-047 for ESA. No workarounds are available. Users should upgrade to a fixed release as soon as possible [1].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (12)

  • cpe:2.3:a:cisco:email_security_appliance:8.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:8.9.1-000:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:8.9.2-032:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0-212:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.0.0-461:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.0.5-000:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-011:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-032:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:email_security_appliance:9.1.0-101:*:*:*:*:*:*:*

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (3)

News mentions (0)

No linked articles in our index yet.