736 matches found
CVE-2021-1425
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance SMA could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is bei...
CVE-2020-26082
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected...
CVE-2020-3548
A vulnerability in the Transport Layer Security TLS protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service DoS condition. The...
CVE-2013-3383
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL sent over IPv4, aka Bug ID CSCzv69294...
CVE-2012-0334
Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks...
The vulnerability in the web interface of the Cisco AsyncOS operating system allows attackers to perform cross-site scripting attacks.
The vulnerability in the web interface of the Cisco AsyncOS operating system is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2020-3122
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to obtain sensitive network information...
CVE-2020-3122
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to obtain sensitive network information...
CVE-2020-3122
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to obtain sensitive network information...
The vulnerability in the web interface of the Cisco AsyncOS operating system allows a hacker to escalate their privileges and execute arbitrary commands.
The vulnerability of the Cisco AsyncOS operating system’s web interface is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands remotely...
The vulnerability in the web interface of the Cisco AsyncOS operating system allows a hacker to escalate their privileges and execute arbitrary commands.
The vulnerability of the Cisco AsyncOS operating system’s web interface is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary commands remotely...
Cisco AsyncOS Input Validation Error Vulnerability (CNVD-2025-03529)
Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. An input validation error vulnerability exists in Cisco AsyncOS, which stems from insufficient validation of an XML configuration file, and can be exploited by an authenticated remote attacker to upload specially crafted files...
Cisco AsyncOS Cross-Site Scripting Vulnerability (CNVD-2025-03528)
Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. A cross-site scripting vulnerability exists in Cisco AsyncOS that originates from improper user input validation and can be exploited by a remote attacker to execute arbitrary script code or access sensitive information via a...
The vulnerability of the Range Request Forward function in the Cisco AsyncOS operating system of Cisco Secure Web Appliances allows attackers to circumvent security restrictions and write arbitrary files.
The vulnerability of the Range Request Forward function in the Cisco AsyncOS operating system of Cisco Secure Web Appliances is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and write arbitrary files...
CVE-2025-20185
A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must...
CVE-2025-20180
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is...
CVE-2025-20184
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid...
Cisco Secure Email Gateway Command Injection (cisco-sa-esa-sma-wsa-multi-yKUJhS34)
According to its self-reported version, Secure Email Gateway is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform...
Cisco Secure Email Gateway Privelege Escalation (cisco-sa-esa-sma-wsa-multi-yKUJhS34)
According to its self-reported version, Secure Email Gateway is affected by a vulnerability. - A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance coul...
Cisco Secure Web Appliance Multiple Vulnerabilities (cisco-sa-esa-sma-wsa-multi-yKUJhS34)
According to its self-reported version, Cisco Secure Web Appliance is affected by multiple vulnerabilities. - A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker...