Email Security Appliance@* Security Vulnerabilities and Issues — Email Security Appliance@* CVE List

Lucene search

CiscoEmail Security Appliance*

8 matches found

CVE•added 2020/01/26 5:15 a.m.•125 views

CVE-2020-3134

A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of zip files. An att...

6.5CVSS6.5AI score0.00584EPSS

CVE•added 2020/03/04 7:15 p.m.•84 views

CVE-2020-3164

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, re...

5.3CVSS5.3AI score0.00813EPSS

CVE•added 2020/03/04 7:15 p.m.•76 views

CVE-2020-3181

A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient ...

6.5CVSS6.4AI score0.00525EPSS

CVE•added 2020/02/19 8:15 p.m.•71 views

CVE-2020-3132

A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected device. The vulnerability is due to inadequate parsing mecha...

7.1CVSS6.2AI score0.0092EPSS

CVE•added 2020/09/23 1:15 a.m.•64 views

CVE-2020-3137

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because t...

6.1CVSS6AI score0.00469EPSS

CVE•added 2020/09/23 1:15 a.m.•56 views

CVE-2020-3133

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An attacker could exploit ...

7.5CVSS6.5AI score0.0022EPSS

CVE•added 2020/08/17 6:15 p.m.•44 views

CVE-2020-3447

A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive ver...

6.5CVSS5.6AI score0.00225EPSS

CVE•added 2020/07/16 6:15 p.m.•40 views

CVE-2020-3370

A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a c...

5.8CVSS5AI score0.00214EPSS