Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco email security appliance firmware - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0734
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
Cisco Email Security Appliance Firmware 8.5.6-106
7.5
CVSSv3
CVE-2017-6671
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd3463...
Cisco Email Security Appliance Firmware 10.0.1-087
Cisco Email Security Appliance Firmware 9.7.1-066
5.3
CVSSv3
CVE-2017-12309
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attac...
Cisco Email Security Appliance Firmware 10.0.2-020
Cisco Email Security Appliance Firmware 11.0.0-105
9.8
CVSSv3
CVE-2016-6406
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client prior to 1.0.2-065 is installed, allows remote malicious users to obtain root access via a connect...
Cisco Email Security Appliance Firmware 9.1.2-036
Cisco Email Security Appliance Firmware 9.7.2-046
Cisco Email Security Appliance Firmware 10.0.0-124
Cisco Email Security Appliance Firmware 10.0.0-125
Cisco Email Security Appliance Firmware 9.1.2-023
Cisco Email Security Appliance Firmware 9.1.2-028
Cisco Email Security Appliance Firmware 9.7.2-047
Cisco Email Security Appliance Firmware 9.7.2-054
6.5
CVSSv3
CVE-2019-15961
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote malicious user to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsin...
Clamav Clamav
Clamav Clamav 0.102.0
Cisco Email Security Appliance Firmware 11.1.2-023
Cisco Email Security Appliance Firmware 11.1.1-042
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
NA
CVE-2013-5537
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote malicious users to cause a denial of service (manage...
Cisco Web Security Appliance -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
NA
CVE-2015-6309
Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.
Cisco Email Security Appliance Firmware 8.5.6-106
Cisco Email Security Appliance 9.6.0-042
7.5
CVSSv3
CVE-2019-1955
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote malicious user to bypass configured user filters on the device. The vulnerability is due to incomplete inp...
Cisco Email Security Appliance Firmware 12.0
Cisco Email Security Appliance Firmware
7.5
CVSSv3
CVE-2019-12706
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass the configured user filters on an affected device. The vulnerability exists becaus...
Cisco Email Security Appliance Firmware
4.3
CVSSv3
CVE-2019-15971
A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 ...
Cisco Email Security Appliance Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »