VYPR

Email Security Appliance Firmware

by Cisco Systems, Inc.

CVEs (97)

  • CVE-2017-12353MedNov 30, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper…

  • CVE-2017-12218MedSep 7, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated, remote attacker to cause an email attachment containing malware to be delivered to…

  • CVE-2017-3827MedFeb 22, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.…

  • CVE-2017-3818MedFeb 3, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering…

  • CVE-2017-3800MedJan 26, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or content filters on the device. Affected Products: This vulnerability affects all…

  • CVE-2016-1411MedDec 14, 2016
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update…

  • CVE-2018-0447MedOct 5, 2018
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The vulnerability is due to incomplete input and…

  • CVE-2017-12309MedNov 16, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker…

  • CVE-2016-6463MedNov 19, 2016
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. This vulnerability…

  • CVE-2016-6462MedNov 19, 2016
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. This vulnerability…

  • CVE-2017-6783MedAug 17, 2017
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be…

  • CVE-2016-6465MedDec 14, 2016
    risk 0.28cvss 4.3epss 0.02

    A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device. Affected…

  • CVE-2020-3548Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of…

  • CVE-2020-26082Aug 4, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling…

  • CVE-2023-20057Jan 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of…

  • CVE-2022-20772Nov 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to…

  • CVE-2022-20942Nov 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve…

  • CVE-2022-20960Nov 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that…

  • CVE-2022-20868Nov 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid…

  • CVE-2022-20867Nov 3, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials…

Page 2 of 5