736 matches found
CVE-2015-6321
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance ESA devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance SMA devices; and before 7.7.0-7...
CVE-2015-6291
CVE-2015-6291 affects Cisco AsyncOS on Email Security Appliance (ESA) devices. Root cause: improper input validation when filtering attachments (body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and attachment-dictionary-match), which can...
CVE-2015-6291
Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance ESA devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and...
CVE-2015-6293
Cisco Web Security Appliance (WSA) AsyncOS is affected by CVE-2015-6293 due to a flaw in the file-range request handling. The issue allows unauthenticated remote attackers to cause memory exhaustion and denial of service by opening multiple connections that request file ranges. Affected versions ...
CVE-2015-6321
Cisco AsyncOS contains a denial-of-service vulnerability (CVE-2015-6321) in the network stack triggered by a flood of TCP packets, leading to memory exhaustion and disruption of new TCP connections. Affected products include Cisco Email Security Appliance (ESA) on various 8.5.x–9.6.x branches, Ci...
CVE-2015-6293
Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via multiple file-range requests, aka Bug ID CSCur391...
Cisco Content Security Management Appliance AsyncOS TCP Flood Denial of Service Vulnerability (cisco-sa-20151104-aos)
A vulnerability in the network stack of Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from accepting new TCP connections. SPDX-FileCopyrightText: 2015 Greenbone AG...
Cisco Email Security Appliance AsyncOS TCP Flood Denial of Service Vulnerability
A vulnerability in the network stack of Cisco AsyncOS for Email Security Appliance could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from accepting new TCP connections. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions...
Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability
A vulnerability in the email message filtering feature of Cisco AsyncOS for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause an ESA device to become unavailable due to a denial of service DoS condition. The vulnerability is due to improper input validati...
Cisco AsyncOS TCP Flood Denial of Service Vulnerability
A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected device from...
Cross site scripting
Cross-site scripting XSS vulnerability in Cisco AsyncOS on the Web Security Appliance WSA 9.0.0-193; Email Security Appliance ESA 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance SMA 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML...
CVE-2015-0732
Cross-site scripting XSS vulnerability in Cisco AsyncOS on the Web Security Appliance WSA 9.0.0-193; Email Security Appliance ESA 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance SMA 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML...
CVE-2015-0732
Summary: CVE-2015-0732 is a cross-site scripting (XSS) vulnerability affecting Cisco AsyncOS on Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033. The issue arises from insuf...
CVE-2015-0732
Cross-site scripting XSS vulnerability in Cisco AsyncOS on the Web Security Appliance WSA 9.0.0-193; Email Security Appliance ESA 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance SMA 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML...
Cisco Email Security Appliance AsyncOS Denial of Service Vulnerability
Cisco AsyncOS on Email Security Appliance ESA device is a set of operating systems running in the Email Security Appliance ESA from Cisco USA. A security vulnerability exists in Cisco AsyncOS on the Cisco ESA device. When the clustering component is enabled in the program, a remote attacker could...
Code injection
Cisco AsyncOS on Email Security Appliance ESA devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service clustering and SSH outage via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636...
CVE-2015-4236
Cisco AsyncOS on Email Security Appliance ESA devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service clustering and SSH outage via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636...
CVE-2015-4236
Cisco AsyncOS for Email Security Appliances (ESA) with clustering enabled is affected on ESA software versions 8.5.6-073, 8.5.6-074, and 9.0.0-461. The issue stems from improper handling of high-rate packet floods, allowing remote attackers to trigger a denial-of-service condition that makes clus...
Cisco AsyncOS for Cisco Email Security Appliance and Cisco Web Security Appliance Cluster Denial of Service Vulnerability
A vulnerability in the clustering component of Cisco AsyncOS for Cisco Email Security Appliance ESA and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause the device to become unresponsive on the clustering and SSH configured ports. The vulnerability is due ...
Cisco AsyncOS Web Framework Input Validation Vulnerability
Cisco AsyncOS on Email Security Appliance ESA and so on are products of Cisco USA.Cisco ESA is a set of email security appliances.Cisco Content SMA is a set of content security management appliances.Cisco AsyncOS is a set of operating systems used in these products. Cisco Web Security Appliance i...