Content Security Management Appliance Security Vulnerabilities and Issues — Content Security Management Appliance CVE List

Lucene search

CiscoContent Security Management Appliance

7 matches found

CVE•added 2020/05/06 5:15 p.m.•63 views

CVE-2020-3178

Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an ...

6.1CVSS6.4AI score0.00249EPSS

CVE•added 2017/06/13 6:29 a.m.•62 views

CVE-2017-6661

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of ...

6.1CVSS5.9AI score0.00296EPSS

CVE•added 2013/07/02 3:43 a.m.•56 views

CVE-2013-3395

Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka B...

6.8CVSS7.5AI score0.00122EPSS

CVE•added 2021/05/06 1:15 p.m.•54 views

CVE-2021-1516

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an aff...

6.5CVSS5.2AI score0.00319EPSS

CVE•added 2018/02/08 7:29 a.m.•45 views

CVE-2018-0140

A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of veri...

6.5CVSS6.3AI score0.00488EPSS

CVE•added 2020/08/17 6:15 p.m.•44 views

CVE-2020-3447

A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive ver...

6.5CVSS5.6AI score0.00225EPSS

CVE•added 2018/11/08 5:29 p.m.•40 views

CVE-2018-15393

A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insuff...

6.1CVSS5.3AI score0.00087EPSS