Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ironport web security appliance vulnerabilities and exploits
(subscribe to this query)
285
VMScore
CVE-2012-0334
Cisco IronPort Web Security Appliance AsyncOS software before 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks
Cisco Ironport Web Security Appliance
383
VMScore
CVE-2012-1316
Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks
Cisco Ironport Web Security Appliance -
516
VMScore
CVE-2012-1326
Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks
Cisco Ironport Web Security Appliance
356
VMScore
CVE-2021-1516
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to access sensit...
Cisco Content Security Management Appliance -
Cisco Email Security Appliance -
Cisco Web Security Appliance -
Cisco Ironport Web Security Appliance 13.6.2-023
Cisco Ironport Web Security Appliance 14.0.0-090
Cisco Ironport Web Security Appliance 14.0.0-133
Cisco Ironport Web Security Appliance 14.0.0-292
Cisco Ironport Web Security Appliance 14.0.0-300
383
VMScore
CVE-2015-0624
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote malicious users to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630...
Cisco Email Security Appliance Firmware -
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
605
VMScore
CVE-2013-3395
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote malicious users to hijack the authentication ...
Cisco Email Security Appliance Firmware -
Cisco Content Security Management Appliance -
Cisco Web Security Appliance -
801
VMScore
CVE-2015-6298
The admin web interface in Cisco AsyncOS 8.x prior to 8.0.8-113, 8.1.x and 8.5.x prior to 8.5.3-051, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted...
Cisco Web Security Appliance 8.5.0-497
694
VMScore
CVE-2015-6293
Cisco AsyncOS 8.x prior to 8.0.8-113, 8.1.x and 8.5.x prior to 8.5.3-051, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (memory consumption) via multiple file-...
Cisco Web Security Appliance 8.0.6
Cisco Web Security Appliance 8.5.0.000
Cisco Web Security Appliance 8.0.0-000
Cisco Web Security Appliance 8.0.8-mr-113
Cisco Web Security Appliance 8.0.7-142
Cisco Web Security Appliance 8.0.5
Cisco Web Security Appliance 8.5.2-024
Cisco Web Security Appliance 8.5.0-497
Cisco Web Security Appliance 8.0.6-078
694
VMScore
CVE-2015-6292
The proxy-cache implementation in Cisco AsyncOS 8.0.x prior to 8.0.7-151, 8.1.x and 8.5.x prior to 8.5.2-004, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (me...
Cisco Web Security Appliance 8.0.0-000
Cisco Web Security Appliance 8.0.5
Cisco Web Security Appliance 8.5.0.000
Cisco Web Security Appliance 8.5.0-497
Cisco Web Security Appliance 8.0.6-119
Cisco Web Security Appliance 8.0.6
383
VMScore
CVE-2013-3396
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management on Security Management Appliance (SMA) devices allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh24749.
Cisco Content Security Management Appliance -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »