736 matches found
CVE-2020-3447
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive...
Design/Logic Flaw
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive...
CVE-2020-3447
The CVE-2020-3447 issue affects Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA). Affected component: CLI log subscriptions that are overly verbose, enabling an authenticated attacker with operator-level credentials (or higher) to access...
Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive...
CVE-2020-3368
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
CVE-2020-3368
The CVE affects Cisco AsyncOS on the Cisco Email Security Appliance (ESA), where an input-validation weakness allows an unauthenticated, remote attacker to bypass URL reputation filters by crafting a URL. The root cause is insufficient URL input validation. Impact is bypass of URL filtering, enab...
CVE-2020-3368 Cisco Email Security Appliance URL Filtering Bypass Vulnerability
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
Cisco Email Security Appliance URL Filtering Bypass Vulnerability
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An...
Open redirect
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an...
CVE-2020-3178 Cisco Content Security Management Appliance Open Redirect Vulnerabilities
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an...
CVE-2020-3178
Cisco Content Security Management Appliance (SMA) Open Redirect vulnerabilities (CVE-2020-3178) affect the web-based GUI of Cisco AsyncOS/SMA. Multiple issues arise from improper input validation of HTTP request parameters, allowing an unauthenticated, remote attacker to intercept and modify requ...
CVE-2020-3178 Cisco Content Security Management Appliance Open Redirect Vulnerabilities
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an...
Cisco Email Security Appliance URL Filtering Bypass (cisco-sa-20191120-esa-url-bypass)
According to its self-reported version, Cisco Email Security Appliance ESA is affected by a vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software due to insufficient input validation of URLs. An unauthenticated, remote attacker can exploit this, by crafting the URL in a...
The vulnerability of the message filtering function of Cisco AsyncOS software for Cisco Email Security Appliance security systems allows a hacker to trigger a service failure.
The vulnerability of the message filtering function in Cisco AsyncOS software for Cisco Email Security Appliances exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the message filtering function of Cisco AsyncOS software for Cisco Email Security Appliances and Cisco Content Security Management Appliances allows a attacker to cause a service failure.
The vulnerability of the message filtering function in Cisco AsyncOS software for Cisco Email Security Appliances and Cisco Content Security Management Appliances exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruption...
The vulnerability of the message scanning function of Cisco AsyncOS software for Cisco Email Security Appliances allows a perpetrator to trigger a service failure.
The vulnerability of the message scanning function in Cisco AsyncOS software for Cisco Email Security Appliances is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...
AsyncOS Input Validation Error Vulnerability in Multiple Cisco Products
Cisco Content Security Management Appliance SMA and so on are the products of the American Cisco Cisco company.Cisco Content Security Management Appliance is a set of content security management equipment. The appliance is mainly used to manage all the policies, reports, audit information, etc. o...
CVE-2020-3164
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Content Security Management Appliance SMA could allow an unauthenticated remote attacker to cause high CPU usage on an affected device,...
Input validation
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Content Security Management Appliance SMA could allow an unauthenticated remote attacker to cause high CPU usage on an affected device,...
CVE-2020-3164
Summary: CVE-2020-3164 is a GUI Denial of Service vulnerability in Cisco AsyncOS web interfaces for the Cisco Email Security Appliance (ESA), Web Security Appliance (WSA), and Content Security Management Appliance (SMA). It stems from improper validation of specific HTTP request headers, allowing...