Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Web Security Appliance Security Vulnerabilities

cve
cve

CVE-2019-1817

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. A...

7.5CVSS

7.6AI Score

0.002EPSS

2019-05-03 05:29 PM
25
cve
cve

CVE-2019-1884

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for ...

7.7CVSS

6.5AI Score

0.001EPSS

2019-07-04 08:15 PM
57
cve
cve

CVE-2019-1886

A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker coul...

8.6CVSS

8.4AI Score

0.002EPSS

2019-07-04 08:15 PM
55
cve
cve

CVE-2020-3117

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient va...

4.7CVSS

5AI Score

0.001EPSS

2020-09-23 01:15 AM
40
cve
cve

CVE-2020-3164

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, re...

5.3CVSS

5.4AI Score

0.002EPSS

2020-03-04 07:15 PM
45
cve
cve

CVE-2021-1129

A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information a...

5.3CVSS

5.2AI Score

0.001EPSS

2021-01-20 08:15 PM
30
3
cve
cve

CVE-2021-1359

A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the ...

8.8CVSS

8.9AI Score

0.001EPSS

2021-07-08 07:15 PM
46
7
cve
cve

CVE-2021-1490

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to improper v...

6.1CVSS

6AI Score

0.002EPSS

2021-05-06 01:15 PM
23
cve
cve

CVE-2021-1516

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an aff...

6.5CVSS

6.2AI Score

0.002EPSS

2021-05-06 01:15 PM
24
cve
cve

CVE-2021-1566

A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP serve...

7.4CVSS

7.2AI Score

0.001EPSS

2021-06-16 06:15 PM
33
5
cve
cve

CVE-2022-20784

A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to ...

5.8CVSS

5.4AI Score

0.001EPSS

2022-04-06 06:15 PM
83
cve
cve

CVE-2023-20028

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remo...

5.4CVSS

5.3AI Score

0.0005EPSS

2023-06-28 03:15 PM
26
cve
cve

CVE-2023-20032

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. ...

9.8CVSS

9.6AI Score

0.003EPSS

2023-03-01 08:15 AM
109
cve
cve

CVE-2023-20119

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the ...

6.1CVSS

6AI Score

0.001EPSS

2023-06-28 03:15 PM
29
cve
cve

CVE-2023-20120

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remo...

6.1CVSS

6AI Score

0.001EPSS

2023-06-28 03:15 PM
43
Total number of security vulnerabilities65