Cisco Email Security Appliance Zip Content Filter Bypass Vulnerability

A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected...

The vulnerability in the web interface of Cisco AsyncOS software for Cisco Email Security Appliances allows a malicious individual to gain unauthorized access to protected information.

The vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliances is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the command-line interface of the Cisco AsyncOS operating system allows a hacker to gain unauthorized access to protected information. This vulnerability is exploitable by attackers who target the Cisco Email Security Appliance for security management and the Cisco Content Security Management Appliance for content management systems.

The vulnerability of the Cisco AsyncOS command-line interface for the Cisco Email Security Appliance and the Cisco Content Security Management Appliance security management system is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker,...

Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-esa-url-bypass-zZtugtg3)

According to its self-reported version, Cisco Email Security Appliance ESA is affected by a URL filtering bypass vulnerability in Cisco AsyncOS Software. An unauthenticated, remote attacker can exploit this, by crafting a URL in a particular way, to bypass URL reputation filters and allow malicio...

Cisco Email Security Appliance URL Filter Bypass Vulnerability

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. A URL filter bypass vulnerability exists in the Cisco AsyncOS anti-spam protection mechanism used by the Cisco Email Security Appliance. The...

CVE-2020-3568

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

CVE-2020-3568 Cisco Email Security Appliance URL Filtering Bypass Vulnerability

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

CVE-2020-3568 Cisco Email Security Appliance URL Filtering Bypass Vulnerability

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

Cisco Email Security Appliance URL Filtering Bypass Vulnerability

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...

CVE-2020-3133

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit...

CVE-2020-3117

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance WSA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient...

CVE-2019-1947

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service DoS condition on an affected device. The...

CVE-2020-3117

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance WSA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient...

Input validation

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit...

Input validation

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance ESA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the...

Input validation

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance WSA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient...

CVE-2019-1947 Cisco Email Security Appliance Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service DoS condition on an affected device. The...

CVE-2019-1947

The CVE-2019-1947 issue affects Cisco Email Security Appliance (ESA) running AsyncOS, where the email message filtering feature mishandles messages with large attachments. This vulnerability can allow an unauthenticated, remote attacker to drive CPU utilization to 100%, creating a denial-of-servi...

CVE-2019-1983 Cisco Email Security Appliance and Cisco Content Security Management Appliance Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance ESA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the...

CVE-2019-1983

CVE-2019-1983 affects Cisco AsyncOS for ESA and SMA. The vulnerability stems from insufficient input validation of email attachments in the email message filtering feature, allowing an unauthenticated, remote attacker to cause repeated crashes of internal processes, resulting in a DoS and unavail...