Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco asyncos vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-1425
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential...
7.5
CVSSv3
CVE-2019-1955
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote malicious user to bypass configured user filters on the device. The vulnerability is due to incomplete inp...
Cisco Email Security Appliance Firmware 12.0
Cisco Email Security Appliance Firmware
7.5
CVSSv3
CVE-2018-0353
A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. The vulnerability is due to a change in the unde...
Cisco Web Security Appliance 11.5.0-fcs-442
Cisco Web Security Appliance 10.5.1-296
Cisco Web Security Appliance 10.5.1
Cisco Web Security Appliance 11.0.0
Cisco Web Security Appliance 10.5.2
7.5
CVSSv3
CVE-2019-12706
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote malicious user to bypass the configured user filters on an affected device. The vulnerability exists becaus...
Cisco Email Security Appliance Firmware
NA
CVE-2014-2119
The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) prior to 7.6.3-023 and 8.x prior to 8.0.1-023 and Cisco Content Security Management Appliance (SMA) prior to 7.9.1-110 and 8.x prior to 8.1.1-013 allows remote authenti...
Cisco Ironport Asyncos 8.0
Cisco Ironport Asyncos
Cisco Ironport Asyncos 8.1
Cisco Ironport Asyncos 8.0.1
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
NA
CVE-2014-3289
Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and previous versions, and Content Security Management Appliance (SMA) 8.3 and previous versions ...
Cisco Ironport Asyncos
Cisco Web Security Appliance -
Cisco Content Security Management Appliance -
Cisco Ironport Asyncos 8.0
Cisco Email Security Appliance Firmware -
6.5
CVSSv3
CVE-2020-3547
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Asyncos
NA
CVE-2015-4184
The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote malicious users to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733.
Cisco Email Security Appliance 3.331-09
Cisco Email Security Appliance 7.5.1-gpl-022
Cisco Email Security Appliance 8.5.6-074
6.5
CVSSv3
CVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Content Security Management Appliance -
Cisco Email Security Appliance -
Cisco Web Security Appliance -
Cisco Ironport Web Security Appliance 13.6.2-023
Cisco Ironport Web Security Appliance 14.0.0-090
Cisco Ironport Web Security Appliance 14.0.0-133
Cisco Ironport Web Security Appliance 14.0.0-292
Cisco Ironport Web Security Appliance 14.0.0-300
NA
CVE-2015-6291
Cisco AsyncOS prior to 8.5.7-043, 9.x prior to 9.1.1-023, and 9.5.x and 9.6.x prior to 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-matc...
Cisco Email Security Appliance 8.0 Base
Cisco Email Security Appliance 8.5 Base
Cisco Email Security Appliance 8.5.6-113
Cisco Email Security Appliance 9.1.0-032
Cisco Email Security Appliance 8.5.6-073
Cisco Email Security Appliance 9.0.0
Cisco Email Security Appliance 9.0.0-461
Cisco Email Security Appliance 8.5.6-052
Cisco Email Security Appliance 9.0.0-212
Cisco Email Security Appliance 8.5.7-042
Cisco Email Security Appliance 9.6.0-042
Cisco Email Security Appliance 9.0.5-000
Cisco Email Security Appliance 8.5.6-106
Cisco Email Security Appliance 8.5.6-074
Cisco Email Security Appliance 7.7.0-000
Cisco Email Security Appliance 7.7.1-000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »