Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco ironport web security appliance vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
383
VMScore
CVE-2015-0624
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote malicious users to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630...
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
Cisco Email Security Appliance Firmware -
383
VMScore
CVE-2015-0577
Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote malicious users to inject arbitrary web script or HTM...
Cisco Asyncos -
445
VMScore
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
383
VMScore
CVE-2014-3289
Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and previous versions, and Content Security Management Appliance (SMA) 8.3 and previous versions ...
Cisco Ironport Asyncos
Cisco Web Security Appliance -
Cisco Content Security Management Appliance -
Cisco Ironport Asyncos 8.0
Cisco Email Security Appliance Firmware -
605
VMScore
CVE-2013-3395
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote malicious users to hijack the authentication ...
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
Cisco Email Security Appliance Firmware -
801
VMScore
CVE-2013-3384
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices prior to 7.1.3-013, 7.5 prior to 7.5.0-838, and 7.7 prior to 7.7.0-550; Email Security Appliance devices prior to 7.1.5-104, 7.3 prior to 7.3.2-026, 7.5 prior to 7.5.2-203, and 7.6 prior to 7.6.3-019; a...
Cisco Ironport Asyncos
Cisco Ironport Asyncos 7.2
Cisco Ironport Asyncos 7.3
Cisco Ironport Asyncos 7.5
Cisco Ironport Asyncos 7.6
Cisco Ironport Asyncos 7.7
Cisco Ironport Asyncos 7.8
Cisco Ironport Asyncos 7.9
694
VMScore
CVE-2013-3385
The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices prior to 7.1.3-013, 7.5 prior to 7.5.0-838, and 7.7 prior to 7.7.0-602; Email Security Appliance devices prior to 7.1.5-106 and 7.3, 7.5, and 7.6 prior to 7.6.3-019; and Content Se...
Cisco Ironport Asyncos
Cisco Ironport Asyncos 7.2
Cisco Ironport Asyncos 7.3
Cisco Ironport Asyncos 7.5
Cisco Ironport Asyncos 7.6
Cisco Ironport Asyncos 7.7
Cisco Ironport Asyncos 7.8
Cisco Ironport Asyncos 7.9
694
VMScore
CVE-2013-3386
The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices prior to 7.1.5-106 and 7.3, 7.5, and 7.6 prior to 7.6.3-019 and Content Security Management Appliance devices prior to 7.9.1-102 and 8.0 prior to 8.0.0-...
Cisco Ironport Asyncos
Cisco Ironport Asyncos 7.3
Cisco Ironport Asyncos 7.5
Cisco Ironport Asyncos 7.6
Cisco Ironport Asyncos 7.9
Cisco Ironport Asyncos 8.0
801
VMScore
CVE-2013-3383
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices prior to 7.1.3-013, 7.5 prior to 7.5.0-838, and 7.7 prior to 7.7.0-550 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL sent over IPv4, aka Bug ID ...
Cisco Ironport Asyncos
Cisco Ironport Asyncos 7.5
Cisco Ironport Asyncos 7.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »