Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco asyncos vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2019-1947
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on ...
Cisco Email Security Appliance 11.1.0-131
Cisco Asyncos 12.1.0-085
1 Article
7.4
CVSSv3
CVE-2021-1566
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to intercept traffic between an affected...
Cisco Email Security Appliance -
Cisco Asyncos
Cisco Web Security Appliance -
NA
CVE-2014-2195
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote malicious users to gain role privileges by leveraging group-name similarity, aka Bu...
Cisco Asyncos -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
7.5
CVSSv3
CVE-2021-34698
A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper m...
Cisco Asyncos
NA
CVE-2015-0577
Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote malicious users to inject arbitrary web script or HTM...
Cisco Asyncos -
5.3
CVSSv3
CVE-2017-12303
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to bypass a configured AMP file filtering rule. The file types affected are zippe...
Cisco Asyncos 10.1.1-234
Cisco Asyncos 10.1.1-235
6.5
CVSSv3
CVE-2019-1884
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input v...
Cisco Asyncos
Cisco Web Security Appliance 10.5.2-072
Cisco Web Security Appliance 11.5.1-fcs-125
Cisco Web Security Appliance 10.1.4-017
Cisco Web Security Appliance 11.7.0-256
7.8
CVSSv3
CVE-2020-3367
A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local malicious user to perform command injection and elevate privileges to root. This vulnerability is due to ins...
Cisco Asyncos
1 Article
8.8
CVSSv3
CVE-2021-1359
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-su...
Cisco Web Security Appliance 11.8.0-429
Cisco Web Security Appliance 11.8.0-453
Cisco Asyncos
5.3
CVSSv3
CVE-2022-20952
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote malicious user to bypass a configured rule, thereby allowing traffic onto a network that ...
Cisco Asyncos
Cisco Asyncos 14.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »