5 matches found
CVE-2024-20401
CVE-2024-20401 affects Cisco Secure Email Gateway (AsyncOS) content scanning and message filtering. The flaw allows an unauthenticated, remote attacker to overwrite arbitrary files on the device via a crafted email attachment when file analysis/content filters are enabled, potentially enabling cr...
CVE-2023-20120
Cisco CVE-2023-20120 covers multiple XSS vulnerabilities in the web-based management interfaces of Cisco AsyncOS Software used by Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (ESA), and Cisco Secure Web Appliance (WSA). The issues arise from insufficient input validation in the ...
CVE-2023-20119
CVE-2023-20119 affects Cisco AsyncOS Software for Cisco Secure Email and Web Manager (formerly Content Security Management Appliance). The web-based management interface is vulnerable to cross-site scripting (XSS) due to insufficient input validation. An unauthenticated, remote attacker can entic...
CVE-2023-20028
Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (ESA) and Cisco Secure Web Appliance (WSA) web-based management interfaces are affected by cross-site scripting vulnerabilities due to insufficient input validation. The issues enable remote attackers to del...
CVE-2025-20153
CVE-2025-20153 affects Cisco Secure Email Gateway. A vulnerability in the email filtering mechanism could allow an unauthenticated, remote attacker to bypass configured rules and have emails that should have been denied pass through an affected device. The root cause is improper handling of email...