65 matches found
CVE-2016-1405
ClamAV libclamav vulnerability (CVE-2016-1405) allows remote attackers to cause a denial of service via a crafted document, affecting Cisco ESA appliances (before 9.7.0-125) and WSA appliances (before 9.0.1-135 and 9.1.x before 9.1.1-041). Root cause: parsing defect in libclamav leading to AMP pr...
CVE-2023-20032
CVE-2023-20032 affects ClamAV HFS+ parser: vulnerable in versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier due to a missing buffer size check that can cause a heap buffer overflow. An unauthenticated, remote attacker could trigger arbitrary code execution with the ClamAV sc...
CVE-2022-20784
CVE-2022-20784 is a Cisco Web Security Appliance (WSA) filter-bypass vulnerability in the WBRS engine of Cisco AsyncOS. The issue stems from incorrect handling of certain URL character combinations, allowing an unauthenticated, remote attacker to bypass web request policies and access content blo...
CVE-2023-20120
Cisco CVE-2023-20120 covers multiple XSS vulnerabilities in the web-based management interfaces of Cisco AsyncOS Software used by Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (ESA), and Cisco Secure Web Appliance (WSA). The issues arise from insufficient input validation in the ...
CVE-2019-1886
The CVE-2019-1886 entry describes a DoS in Cisco Web Security Appliance (WSA) due to insufficient validation of SSL server certificates in the HTTPS decryption feature. Attackers can remotely exploit this by presenting a malformed certificate to a web server, sent through WSA, to trigger an unexpected...
CVE-2019-1884
The CVE-2019-1884 issue affects Cisco Web Security Appliance (WSA) AsyncOS Web Proxy functionality. A vulnerability in input validation for certain HTTP/HTTPS request fields could allow an authenticated, remote attacker to cause the device to stop processing traffic, producing a DoS condition. Th...
CVE-2020-3164
Summary: CVE-2020-3164 is a GUI Denial of Service vulnerability in Cisco AsyncOS web interfaces for the Cisco Email Security Appliance (ESA), Web Security Appliance (WSA), and Content Security Management Appliance (SMA). It stems from improper validation of specific HTTP request headers, allowing...
CVE-2019-15956
The CVE-2019-15956 entry concerns Cisco Web Security Appliance (WSA) AsyncOS Web Management Interface vulnerability. Connected sources confirm an authenticated, remote attacker can exploit improper authorization on a specific URL to perform an unauthorized device reset. The documented impacts inc...
CVE-2019-15969
CVE-2019-15969: Cisco Web Security Appliance (WSA) web UI has an input validation flaw allowing unauthenticated remote XSS via a crafted link. Impact is execution of script/HTML in the interface, potentially exposing browser-based data. Root cause: insufficient input validation in the management...
CVE-2021-1359
CVE-2021-1359 affects Cisco AsyncOS Web Security Appliance (WSA) in the configuration management path. The issue arises from insufficient validation of user-supplied XML input in the web interface, allowing an authenticated, remote attacker with a valid account to upload crafted XML configuration...
CVE-2020-3117
CVE-2020-3117 affects Cisco AsyncOS API Framework in Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA). The vulnerability allows an unauthenticated, remote attacker to inject arbitrary HTTP headers into HTTP responses due to insufficient validation of user i...
CVE-2017-6749
CVE-2017-6749 describes a stored cross-site scripting (XSS) vulnerability in the Cisco Web Security Appliance (WSA) web-based management interface. An authenticated, remote attacker can exploit this by convincing a user to follow a crafted link, triggering script execution in the user’s browser s...
CVE-2017-6751
Cisco Web Security Appliance (WSA) is affected (virtual and hardware). The issue is a web proxy bypass where traffic forwarded from the web proxy interface to the administrative management interface is not denied, enabling an unauthenticated remote attacker to reach the admin interface (Access Co...
CVE-2021-1490
CVE-2021-1490: Cisco Web Security Appliance (WSA) uses Cisco AsyncOS with a web-based management interface vulnerable to cross-site scripting (XSS) due to improper validation of user-supplied input. An unauthenticated, remote attacker can lure a user to upload a crafted file containing a malicio...
CVE-2021-1129
The CVE-2021-1129 vulnerability affects Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA). Root cause: missing requirement for a secure authentication token when accessing the general purpose APIs, allowing an unauthent...
CVE-2016-1411
CVE-2016-1411 affects Cisco AsyncOS Software used on Email Security Appliances (ESA), Web Security Appliances (WSA), and Content Security Management Appliances (SMA). The issue stems from lack of certificate validation during HTTPS updates, allowing an unauthenticated attacker to perform a man-in...
CVE-2023-20119
CVE-2023-20119 affects Cisco AsyncOS Software for Cisco Secure Email and Web Manager (formerly Content Security Management Appliance). The web-based management interface is vulnerable to cross-site scripting (XSS) due to insufficient input validation. An unauthenticated, remote attacker can entic...
CVE-2015-6321
Cisco AsyncOS contains a denial-of-service vulnerability (CVE-2015-6321) in the network stack triggered by a flood of TCP packets, leading to memory exhaustion and disruption of new TCP connections. Affected products include Cisco Email Security Appliance (ESA) on various 8.5.x–9.6.x branches, Ci...
CVE-2018-0353
CVE-2018-0353 affects Cisco Web Security Appliance (WSA) AsyncOS, where a vulnerability in the L4 Traffic Monitor (L4TM) can be exploited by unauthenticated remote attackers to bypass L4TM protections. The issue stems from a change in the underlying OS used to monitor traffic, and is applicable t...
CVE-2015-6293
Cisco Web Security Appliance (WSA) AsyncOS is affected by CVE-2015-6293 due to a flaw in the file-range request handling. The issue allows unauthenticated remote attackers to cause memory exhaustion and denial of service by opening multiple connections that request file ranges. Affected versions ...
CVE-2017-6783
CVE-2017-6783 affects Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA). The root cause is that these devices do not protect confidential information at rest in SNMP poll responses, enabling an authenticated, remote attacker to dis...
CVE-2019-1817
CVE-2019-1817 describes a DoS in Cisco Web Security Appliance (AsyncOS) web proxy due to improper validation of HTTP/HTTPS requests. An unauthenticated remote attacker can send malformed requests to trigger a restart of the web proxy process, causing a temporary DoS. The affected product is Cisco...
CVE-2021-1566
CVE-2021-1566 affects Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) due to improper TLS certificate validation in the AMP for Endpoints integration (AsyncOS). A remote, unauthenticated attacker could perform a man-in-the-middle to intercept traffic between the device...
CVE-2013-3395
CVE-2013-3395 describes a CSRF flaw in the web framework of Cisco IronPort products (Web Security Appliance, Email Security Appliance, Content Security Management Appliance). The vulnerability allows remote attackers to hijack the authentication of arbitrary users by inducing them to perform unwa...
CVE-2023-20028
Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (ESA) and Cisco Secure Web Appliance (WSA) web-based management interfaces are affected by cross-site scripting vulnerabilities due to insufficient input validation. The issues enable remote attackers to del...
CVE-2017-3870
CVE-2017-3870 is a vulnerability in the URL filtering feature of Cisco AsyncOS for Cisco Web Security Appliance (WSA) that could allow an unauthenticated, remote attacker to bypass a configured URL filter. Affected: all releases prior to the first fixed release of Cisco AsyncOS for WSA, on both v...
CVE-2021-1516
CVE-2021-1516 affects Cisco AsyncOS Software on the Cisco Content Security Management Appliance (SMA), Email Security Appliance (ESA), and Web Security Appliance (WSA). Root cause: confidential information is included in HTTP requests exchanged between the user and the device, allowing an authent...
CVE-2015-6386
The Cisco Web Security Appliance (WSA) passthrough FTP feature is affected. A vulnerability in WSA software versions 8.0.7-142 and 8.5.1-021 can allow an unauthenticated, remote attacker to cause a denial of service via FTP sessions where the control connection is closed after data transfer (Bug ...
CVE-2017-6746
The CVE-2017-6746 entry describes a command-injection and root-privilege escalation vulnerability in the web interface of Cisco Web Security Appliance (WSA) running Cisco AsyncOS. Exploitation requires an authenticated administrator, and the flaw allows remote command execution with root privileges via...
CVE-2015-6292
Cisco AsyncOS on Web Security Appliance (WSA) is affected by CVE-2015-6292 due to a proxy-cache memory handling fault. The vulnerability allows unauthenticated remote attackers to cause memory exhaustion and DoS by opening multiple proxy connections; versions affected include 8.0.x before 8.0.7-1...
CVE-2019-1816
The CVE-2019-1816 issue affects Cisco Web Security Appliance (WSA). Affected component: log subscription subsystem; root cause is insufficient validation of user-supplied input on web and CLI interfaces. Exploitation scenario: an authenticated, local attacker can inject scripts/commands within th...
CVE-2016-9212
Cisco Web Security Appliance (WSA) Drop Decrypt Policy Bypass (CVE-2016-9212) is caused by incomplete HTTP header input validation in the Decrypt for End-User Notification configuration. Under HTTPS decryption, an unauthenticated remote attacker could connect to a blocked HTTPS website despite po...
CVE-2019-1672
CVE-2019-1672 describes a vulnerability in the Cisco Web Security Appliance (WSA) where the Decryption Policy Default Action handling allows an unauthenticated, remote attacker to bypass a configured drop policy and permit SSL traffic that should have been denied. The root cause is the incorrect ...
CVE-2015-0624
Cisco AsyncOS web framework on ESA, SMA, and WSA is vulnerable to an HTTP header injection flaw due to insufficient validation of header values (notably Host/X-Forwarded-Host). A remote attacker can trigger redirects to arbitrary URLs by sending crafted HTTP headers, potentially aided by publicly...
CVE-2016-6416
The CVE-2016-6416 issue affects Cisco AsyncOS on ESA, WSA, and SMA devices. The local FTP service could be flooded by remote attackers, causing DoS due to lack of throttling. Affected versions include ESA 9.6.0-000 through 9.9.6-026, WSA 9.0.0-162 through 9.5.0-444, and SMA in the same family. Ro...
CVE-2015-4288
CVE-2015-4288 affects Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048. The LDAP server in these devices does not verify X.509 certificates from SSL servers, enabling a man-in-the-middle attacker to s...
CVE-2018-0410
The CVE-2018-0410 issue affects Cisco Web Security Appliance (WSA) AsyncOS web proxy. It describes a memory-exhaustion DoS caused by improper management of memory resources for TCP connections to the data interface over IPv4/IPv6, exploitable by establishing a high number of TCP connections. The ...
CVE-2015-0693
CVE-2015-0693 affects Cisco Web Security Appliance (WSA) devices running 8.5.0-ise-147, where improper handling of the pickle module during tunnel-status checks allows an authenticated, local attacker to execute arbitrary Python code and elevate privileges via a crafted pickle file (Bug CSCut3925...
CVE-2018-0366
CVE-2018-0366 affects Cisco Web Security Appliance (WSA) and concerns a reflected cross-site scripting (XSS) vulnerability in the web-based management interface caused by insufficient input validation. An unauthenticated, remote attacker could lure a user to click a crafted link, resulting in arb...
CVE-2016-1440
CVE-2016-1440 affects Cisco Web Security Appliance (WSA) prior to some fixed software versions where the proxy’s native pass-through FTP functionality can be abused to cause a partial DoS via high CPU usage. The root cause is the FTP client terminating the FTP control connection improperly after ...
CVE-2017-6750
Cisco Web Security Appliance AsyncOS is affected by CVE-2017-6750 due to a default/static password on a user account. This permits an unauthenticated remote attacker to log in to the web GUI with elevated access, or an unauthenticated, remote attacker to authenticate to areas of the GUI, as described...
CVE-2018-0428
CVE-2018-0428 is a Cisco Web Security Appliance (WSA) elevation-of-privilege vulnerability in the account management subsystem. An authenticated local attacker with valid admin credentials can bypass access controls to elevate to root, escape the CLI subshell, and run system-level commands. The r...
CVE-2013-5537
The CVE-2013-5537 issue affects Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA). The web framework does not properly manage HTTP/HTTPS session state, allowing an unauthenticated remote attacker to cause a denial of service (manag...
CVE-2015-0623
CVE-2015-0623 affects Cisco Web Security Appliance (WSA) Administrator report page. The issue is due to insufficient input validation, enabling unauthenticated remote XSS via unspecified vectors. Impact can include arbitrary script execution, cookie theft, and session hijacking on affected users....
CVE-2015-0732
Summary: CVE-2015-0732 is a cross-site scripting (XSS) vulnerability affecting Cisco AsyncOS on Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033. The issue arises from insuf...
CVE-2015-0628
The CVE-2015-0628 issue affects Cisco Web Security Appliance (WSA) where the proxy engine fails to properly handle malformed HTTP methods, enabling remote attackers to bypass proxying restrictions. This is a vulnerability in the proxy component that could permit unauthorized proxy traffic if an a...
CVE-2015-0738
Cisco Web Security Appliance (WSA) Web Tracking Report page (version 8.5.0-497) contains a cross-site scripting (XSS) vulnerability due to improper validation of user-supplied input on a field. An unauthenticated, remote attacker could inject arbitrary script in the vulnerable page, potentially a...
CVE-2015-4198
Cisco Web Security Appliance (WSA) Web Framework HTTP Header Injection: An unauthenticated remote attacker could craft an HTTP header to inject arbitrary HTML/script into the browser via the WSA web interface. Root cause: insufficient validation of header value used in responses. Affected product...
CVE-2016-6372
CVE-2016-6372 affects Cisco AsyncOS for Cisco ESA and WSA (MIME header handling). A vulnerability in email message and content filtering due to improper error handling of malformed MIME headers could allow an unauthenticated, remote attacker to bypass the device’s filtering, potentially allowing ...
CVE-2017-6748
Cisco Web Security Appliance (WSA) CLI parser vulnerability CVE-2017-6748 enables an authenticated, local attacker with operator/administrator credentials to inject commands and elevate to root. Affected: virtual and hardware WSA platforms. Root cause: insufficient validation in the CLI parser al...