Lucene search
K
CiscoSecure Email And Web Manager

7 matches found

CVE
CVE
added 2022/06/15 5:55 p.m.143 views

CVE-2022-20664

CVE-2022-20664 affects Cisco Secure Email and Web Manager (SMA) and Cisco Email Security Appliance (ESA). The issue is an information-disclosure vulnerability in the web management interface caused by insufficient input sanitization when querying an external LDAP authentication server. An authent...

7.7CVSS7.5AI score0.00959EPSS
CVE
CVE
added 2023/06/28 12:0 a.m.110 views

CVE-2023-20120

Cisco CVE-2023-20120 covers multiple XSS vulnerabilities in the web-based management interfaces of Cisco AsyncOS Software used by Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (ESA), and Cisco Secure Web Appliance (WSA). The issues arise from insufficient input validation in the ...

6.1CVSS5.8AI score0.00473EPSS
CVE
CVE
added 2023/02/16 3:25 p.m.105 views

CVE-2023-20009

CVE-2023-20009 affects Cisco’s Web UI and administrative CLI on the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA). The issue stems from processing of a specially crafted SNMP configuration file, which, if uploaded by an authenticated user with at least operator pri...

7.2CVSS7.3AI score0.01262EPSS
Web
CVE
CVE
added 2022/06/15 5:55 p.m.102 views

CVE-2022-20798

Cisco’s CVE-2022-20798 vulnerability affects Cisco Secure Email and Web Manager (SMA) and Cisco Email Security Appliance (ESA). The flaw arises from improper authentication checks when external authentication uses LDAP, allowing an unauthenticated, remote attacker to bypass login and access the w...

9.8CVSS9.8AI score0.01427EPSS
CVE
CVE
added 2023/06/28 12:0 a.m.74 views

CVE-2023-20119

CVE-2023-20119 affects Cisco AsyncOS Software for Cisco Secure Email and Web Manager (formerly Content Security Management Appliance). The web-based management interface is vulnerable to cross-site scripting (XSS) due to insufficient input validation. An unauthenticated, remote attacker can entic...

6.1CVSS6AI score0.00508EPSS
CVE
CVE
added 2023/06/28 12:0 a.m.67 views

CVE-2023-20028

Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (ESA) and Cisco Secure Web Appliance (WSA) web-based management interfaces are affected by cross-site scripting vulnerabilities due to insufficient input validation. The issues enable remote attackers to del...

5.4CVSS5.5AI score0.00473EPSS
CVE
CVE
added 2021/08/18 7:40 p.m.57 views

CVE-2021-1561

Cisco Secure Email and Web Manager (formerly SMA) contains CVE-2021-1561: an authenticated remote attacker can gain unauthorized access to and modify another user’s spam quarantine settings due to improper restriction of the spam-quarantine feature. Exploitation involves sending malicious request...

5.5CVSS5.6AI score0.00743EPSS