Email Security Appliance Firmware Security Vulnerabilities and Issues — Email Security Appliance Firmware CVE List

Lucene search

CiscoEmail Security Appliance Firmware

8 matches found

CVE•added 2019/11/26 4:15 a.m.•97 views

CVE-2019-15988

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An ...

5.8CVSS5.3AI score0.00336EPSS

CVE•added 2019/11/26 4:15 a.m.•79 views

CVE-2019-15971

A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker c...

5.8CVSS4.7AI score0.0017EPSS

CVE•added 2017/11/16 7:29 a.m.•71 views

CVE-2017-12309

A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vu...

5.3CVSS5.2AI score0.00976EPSS

CVE•added 2022/11/04 6:15 p.m.•58 views

CVE-2022-20772

A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input valu...

5.3CVSS5.3AI score0.00118EPSS

CVE•added 2016/11/19 3:3 a.m.•44 views

CVE-2016-6462

A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. This vulnerability affects all releases ...

5.3CVSS5.3AI score0.00183EPSS

CVE•added 2016/11/19 3:3 a.m.•44 views

CVE-2016-6463

5.3CVSS5.3AI score0.00192EPSS

CVE•added 2017/02/03 7:59 a.m.•43 views

CVE-2017-3818

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. This vulnera...

5.8CVSS5.7AI score0.00207EPSS

CVE•added 2017/02/22 2:59 a.m.•37 views

CVE-2017-3827

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: This ...

5.8CVSS5.7AI score0.00361EPSS