3 matches found
CVE-2015-4217
The CVE-2015-4217 issue affects Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv). The root cause is the use of the same default SSH host keys across different customer installations, enabling an unauthenticated ...
CVE-2015-4216
The CVE concerns Cisco WSAv/ESAv/SMAv devices where the remote-support feature uses the same default SSH root authorized key across different customer installations, enabling an attacker with knowledge of a private key from another installation to bypass authentication. Affected products are Cisc...
CVE-2015-0732
Summary: CVE-2015-0732 is a cross-site scripting (XSS) vulnerability affecting Cisco AsyncOS on Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033. The issue arises from insuf...