Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
content_security_management_appliance vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-2195
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote malicious users to gain role privileges by leveraging group-name similarity, aka Bu...
Cisco Asyncos -
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
4
CVSSv2
CVE-2018-0140
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote malicious user to download any message from the spam quarantine by modifying browser string information. The vulnerability...
Cisco Email Security Appliance Firmware 9.8.0-112
Cisco Email Security Appliance Firmware 10.0.1-087
Cisco Email Security Appliance Firmware 11.0.0-274
Cisco Content Security Management Appliance 10.0.0-096
Cisco Content Security Management Appliance 10.1.0-037
Cisco Content Security Management Appliance 10.1.0-052
Cisco Content Security Management Appliance 11.0.0-115
4.3
CVSSv2
CVE-2014-3289
Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and previous versions, and Content Security Management Appliance (SMA) 8.3 and previous versions ...
Cisco Ironport Asyncos
Cisco Web Security Appliance -
Cisco Content Security Management Appliance -
Cisco Ironport Asyncos 8.0
Cisco Email Security Appliance Firmware -
4
CVSSv2
CVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Content Security Management Appliance -
Cisco Email Security Appliance -
Cisco Web Security Appliance -
Cisco Ironport Web Security Appliance 13.6.2-023
Cisco Ironport Web Security Appliance 14.0.0-090
Cisco Ironport Web Security Appliance 14.0.0-133
Cisco Ironport Web Security Appliance 14.0.0-292
Cisco Ironport Web Security Appliance 14.0.0-300
8.5
CVSSv2
CVE-2014-2119
The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) prior to 7.6.3-023 and 8.x prior to 8.0.1-023 and Cisco Content Security Management Appliance (SMA) prior to 7.9.1-110 and 8.x prior to 8.1.1-013 allows remote authenti...
Cisco Ironport Asyncos 8.0
Cisco Ironport Asyncos
Cisco Ironport Asyncos 8.1
Cisco Ironport Asyncos 8.0.1
Cisco Content Security Management Appliance -
Cisco Email Security Appliance Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started