Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco web security appliance vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-12303
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to bypass a configured AMP file filtering rule. The file types affected are zippe...
Cisco Asyncos 10.1.1-234
Cisco Asyncos 10.1.1-235
4.3
CVSSv2
CVE-2009-1220
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and previous versions 7.2 versions including 7.2(2)22, and 8.0(4)28 and previous versions 8.0 versions, when clientless mode is en...
Cisco Ios 7.2(2)22
Cisco Adaptive Security Appliance 5520
1 EDB exploit
4.3
CVSSv2
CVE-2015-0734
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
Cisco Email Security Appliance Firmware 8.5.6-106
4.3
CVSSv2
CVE-2015-0577
Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote malicious users to inject arbitrary web script or HTM...
Cisco Asyncos -
5
CVSSv2
CVE-2016-1288
The HTTPS Proxy feature in Cisco AsyncOS prior to 8.5.3-051 and 9.x prior to 9.0.0-485 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS req...
Cisco Web Security Appliance 8.5.0-497
Cisco Web Security Appliance 9.0.0-193
NA
CVE-2022-20952
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote malicious user to bypass a configured rule, thereby allowing traffic onto a network that ...
Cisco Asyncos
Cisco Asyncos 14.5.0
3.5
CVSSv2
CVE-2017-6764
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.5(1) could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. T...
Cisco Adaptive Security Appliance Software 9.5(1)
5
CVSSv2
CVE-2021-1129
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to access gen...
Cisco Content Security Management Appliance 12.5.0
Cisco Web Security Appliance 11.8.0
Cisco Email Security Appliance 13.0.0
4.3
CVSSv2
CVE-2018-15393
A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulne...
Cisco Content Security Management Appliance -
4.3
CVSSv2
CVE-2012-6029
Multiple cross-site scripting (XSS) vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) cm or (2) uri parameters to (a) perfigo_weblogin.jsp, or t...
Cisco Nac Appliance 4.1
Cisco Nac Appliance 4.7.2
Cisco Nac Appliance 3.6
Cisco Nac Appliance
Cisco Nac Appliance 4.0
Cisco Nac Appliance 4.6
Cisco Nac Appliance 4.5
Cisco Nac Appliance 4.8
Cisco Nac Appliance -
Cisco Nac Appliance 4.7
Cisco Nac Appliance 4.7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »