VYPR

Content Security Management Appliance (sma)

by Cisco Systems, Inc.

CVEs (19)

  • CVE-2017-6783MedAug 17, 2017
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be…

  • CVE-2020-3122Mar 4, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.

  • CVE-2021-1425Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because…

  • CVE-2021-1561Aug 18, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This…

  • CVE-2021-1516May 6, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive…

  • CVE-2021-1447May 6, 2021
    risk 0.00cvss epss 0.00

    A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password…

  • CVE-2021-1129Jan 20, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general…

  • CVE-2019-1983Sep 23, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes…

  • CVE-2020-3117Sep 23, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is…

  • CVE-2020-3547Sep 4, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive…

  • CVE-2020-3447Aug 17, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is…

  • CVE-2020-3370Jul 16, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this…

  • CVE-2020-3178May 6, 2020
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of…

  • CVE-2020-3164Mar 4, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an…

  • CVE-2019-12635Sep 5, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role…

  • CVE-2018-15393Nov 8, 2018
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The…

  • CVE-2015-4322Aug 19, 2015
    risk 0.00cvss epss 0.02

    Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a…

  • CVE-2014-2119Mar 21, 2014
    risk 0.00cvss epss 0.03

    The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated…

  • CVE-2013-5537Oct 24, 2013
    risk 0.00cvss epss 0.01

    The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management…