Lucene search

K
CiscoContent Security Management Appliance*

6 matches found

CVE
CVE
added 2019/09/05 2:15 a.m.127 views

CVE-2019-12635

A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls....

4.3CVSS4.8AI score0.00095EPSS
CVE
CVE
added 2020/03/04 7:15 p.m.84 views

CVE-2020-3164

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, re...

5.3CVSS5.3AI score0.00813EPSS
CVE
CVE
added 2020/09/23 1:15 a.m.63 views

CVE-2020-3117

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient va...

4.7CVSS5AI score0.00069EPSS
CVE
CVE
added 2020/05/06 5:15 p.m.63 views

CVE-2020-3178

Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an ...

6.1CVSS6.4AI score0.00249EPSS
CVE
CVE
added 2020/08/17 6:15 p.m.44 views

CVE-2020-3447

A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive ver...

6.5CVSS5.6AI score0.00225EPSS
CVE
CVE
added 2021/05/06 1:15 p.m.35 views

CVE-2021-1447

A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An atta...

7.2CVSS6.9AI score0.00023EPSS