Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco web security appliance - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-2120
Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025.
Cisco Adaptive Security Appliance Software -
5
CVSSv2
CVE-2015-0619
Memory leak in the embedded web server in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote malicious users to cause a denial of service (memory consumption and SSL outage) via multiple crafted HTTP requests, aka Bug ID CSCue05458.
Cisco Adaptive Security Appliance Software -
5
CVSSv2
CVE-2020-3164
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote malicious user to cause high CPU usage ...
Cisco Cloud Email Security
Cisco Content Security Management Appliance
Cisco Email Security Appliance
Cisco Web Security Appliance
4.3
CVSSv2
CVE-2017-6765
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.1(6.11) and 9.4(1.2) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an ...
Cisco Adaptive Security Appliance Software 9.4\\(1.2\\)
Cisco Adaptive Security Appliance Software 9.1\\(6.11\\)
4.3
CVSSv2
CVE-2020-3117
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote malicious user to inject crafted HTTP headers in the web server's response. The vulnerabi...
Cisco Content Security Management Appliance
Cisco Web Security Appliance 11.8.0-382
Cisco Web Security Appliance 12.0.1-268
5.8
CVSSv2
CVE-2021-1566
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to intercept traffic between an affected...
Cisco Email Security Appliance -
Cisco Asyncos
Cisco Web Security Appliance -
4.3
CVSSv2
CVE-2009-1220
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and previous versions 7.2 versions including 7.2(2)22, and 8.0(4)28 and previous versions 8.0 versions, when clientless mode is en...
Cisco Adaptive Security Appliance 5520
Cisco Ios 7.2\\(2\\)22
1 EDB exploit
4.3
CVSSv2
CVE-2015-0734
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
Cisco Email Security Appliance Firmware 8.5.6-106
5
CVSSv2
CVE-2019-1886
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certi...
Cisco Asyncos
Cisco Web Security Appliance 10.5.2-072
Cisco Web Security Appliance 11.7.0-fcs-334
Cisco Web Security Appliance 10.5.3-025
4.3
CVSSv2
CVE-2015-4198
Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote malicious users to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409.
Cisco Web Security Appliance 8.5.0-497
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »