Email Security Appliance@8.5.7-042 Security Vulnerabilities and Issues — Email Security Appliance@8.5.7-042 CVE List

Lucene search

CiscoEmail Security Appliance8.5.7-042

8 matches found

CVE•added 2015/11/06 3:59 a.m.•47 views

CVE-2015-6291

Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and attachment-diction...

7.8CVSS6.8AI score0.01098EPSS

CVE•added 2015/07/29 1:59 a.m.•45 views

CVE-2015-4288

The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain ...

4.3CVSS6.1AI score0.00137EPSS

CVE•added 2016/10/28 10:59 a.m.•40 views

CVE-2016-1480

A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: all r...

7.5CVSS7.6AI score0.00272EPSS

CVE•added 2016/10/28 10:59 a.m.•40 views

CVE-2016-1481

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.Affected Products: This vulnerability affects all releases prior to...

7.8CVSS7.5AI score0.0076EPSS

CVE•added 2016/10/28 10:59 a.m.•39 views

CVE-2016-6372

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering...

7.5CVSS7.7AI score0.0027EPSS

CVE•added 2016/12/14 12:59 a.m.•39 views

CVE-2016-6465

A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected Products: This vulnerabi...

4.3CVSS4.8AI score0.00194EPSS

CVE•added 2016/10/28 10:59 a.m.•37 views

CVE-2016-1486

A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages du...

7.8CVSS7.4AI score0.0076EPSS

CVE•added 2016/10/28 10:59 a.m.•33 views

CVE-2016-6356

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition. Affected Produc...

7.8CVSS7.5AI score0.0076EPSS