Asyncos Security Vulnerabilities and Issues — Asyncos CVE List

Lucene search

CiscoAsyncos

3 matches found

CVE•added 2014/05/20 11:13 a.m.•48 views

CVE-2014-2195

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.

4.3CVSS7.2AI score0.00321EPSS

CVE•added 2015/02/07 4:59 a.m.•36 views

CVE-2015-0605

The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug ID CSCzv54343.

4.3CVSS6.9AI score0.00583EPSS

CVE•added 2015/01/14 7:59 p.m.•32 views

CVE-2015-0577

Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote attackers to inject arbitrary web script or HTML via unspecified paramet...

4.3CVSS5.9AI score0.00329EPSS