12 matches found
Attackers can bypass authentication in Cisco SMA & ESA
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary An attacker can login into a web management interface of an affected system to perform bypass authentication remotely...
Cisco Email Security Appliance DNS Verification Denial of Service Vulnerability
A vulnerability in the DNS-based Authentication of Named Entities DANE email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability...
CVE-2021-1129
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance ESA, Cisco Content Security Management Appliance SMA, and Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to access general system information and...
CVE-2020-3133
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit...
CVE-2020-3132 Cisco Email Security Appliance Shortened URL Denial of Service Vulnerability
A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to cause a temporary denial of service DoS condition on an affected device. The vulnerability is due to inadequate parsing...
CVE-2019-1933 Cisco Email Security Appliance Content Filter Bypass Vulnerability
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper input validation of certain email fields. An attacker cou...
CVE-2019-1921 Cisco Email Security Appliance Content Filter Bypass Vulnerability
A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email body. An attacker coul...
Cisco Email Security Appliance Malformed EML Attachment Bypass Vulnerability
A vulnerability in the malware detection functionality within Advanced Malware Protection AMP of Cisco AsyncOS Software for Cisco Email Security Appliances ESAs could allow an unauthenticated, remote attacker to cause an email attachment containing malware to be delivered to the end user. The...
Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability
A vulnerability in the Multipurpose Internet Mail Extensions MIME scanner of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. SPDX-FileCopyrightText: 2017 Greenbone AG Some text...
Design/Logic Flaw
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions MIME headers of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass the filtering...
Cisco Email Security Appliance MIME Header Bypass Vulnerability
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions MIME headers of Cisco AsyncOS Software for Cisco Email Security Appliances ESA and Web Security Appliances WSA could allow an unauthenticated, remote attacker to bypass the filtering...
Cisco Email Security Appliance .zip File Scanning Security Bypass Vulnerability
A vulnerability in the anti-spam filter of the Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass anti-spam filtering functionality on an affected system. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a reference...