Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco email security appliance vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-6357
A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass a configured drop filter by using an email with a corrupted attachment. M...
Cisco Email Security Appliance 9.7.1-066
Cisco Email Security Appliance 9.9.6-026
5.8
CVSSv3
CVE-2017-3827
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote malicious user to bypass configured user filters on the device....
Cisco Web Security Appliance 10.0.0-232
Cisco Email Security Appliance Firmware 10.0.0-082
Cisco Email Security Appliance Firmware 10.0.0-125
Cisco Email Security Appliance Firmware 10.0.0-124
Cisco Email Security Appliance Firmware 10.0.0-203
Cisco Email Security Appliance Firmware 10.0.0-232
Cisco Email Security Appliance Firmware 9.9.6-026
Cisco Email Security Appliance Firmware 9.9.9-894
Cisco Web Security Appliance 10.0.0-124
Cisco Web Security Appliance 10.0.0-082
Cisco Web Security Appliance 10.0.0-125
Cisco Web Security Appliance 10.0.0-203
7.5
CVSSv3
CVE-2016-1315
The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote malicious users to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug...
Cisco Email Security Appliance Firmeware 9.1.0-032
Cisco Email Security Appliance Firmeware 9.5.0-201
Cisco Email Security Appliance Firmeware 9.6.0-051
Cisco Email Security Appliance Firmeware 9.7.0-125
Cisco Email Security Appliance Firmeware 9.7.0-782
NA
CVE-2015-4278
Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote malicious users to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.
Cisco Email Security Appliance Firmware 8.5.6-106
Cisco Email Security Appliance Firmware 9.5.0-201
NA
CVE-2013-3395
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote malicious users to hijack the authentication ...
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
Cisco Email Security Appliance Firmware -
NA
CVE-2015-0624
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote malicious users to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630...
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
Cisco Email Security Appliance Firmware -
6.5
CVSSv3
CVE-2018-0140
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote malicious user to download any message from the spam quarantine by modifying browser string information. The vulnerability...
Cisco Email Security Appliance Firmware 9.8.0-112
Cisco Email Security Appliance Firmware 10.0.1-087
Cisco Email Security Appliance Firmware 11.0.0-274
Cisco Content Security Management Appliance 10.0.0-096
Cisco Content Security Management Appliance 10.1.0-037
Cisco Content Security Management Appliance 10.1.0-052
Cisco Content Security Management Appliance 11.0.0-115
NA
CVE-2014-2195
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote malicious users to gain role privileges by leveraging group-name similarity, aka Bu...
Cisco Asyncos -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
6.1
CVSSv3
CVE-2017-6661
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based...
Cisco Email Security Appliance 10.0.0-203
Cisco Content Security Management Appliance 10.0.0-203
Cisco Content Security Management Appliance 10.1.0-049
Cisco Email Security Appliance 10.1.0-049
5.8
CVSSv3
CVE-2019-1905
A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-fo...
Cisco Email Security Appliance 11.1.2
Cisco Email Security Appliance 12.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »