VYPR

AsyncOS Software

by Cisco Systems, Inc.

CVEs (32)

  • CVE-2019-1947HigSep 23, 2020
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an…

  • CVE-2018-15460HigJan 10, 2019
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an…

  • CVE-2018-15453HigJan 10, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an…

  • CVE-2022-20653HigFeb 17, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected…

  • CVE-2020-3133HigSep 23, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An…

  • CVE-2019-1955HigAug 8, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input…

  • CVE-2016-9212HigDec 14, 2016
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security…

  • CVE-2016-6372HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to…

  • CVE-2016-1486HigOct 28, 2016
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and…

  • CVE-2017-12215HigSep 21, 2017
    risk 0.46cvss 7.1epss 0.02

    A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unauthenticated, remote attacker to cause an affected device to run out of memory and stop scanning and forwarding email messages. When system…

  • CVE-2024-20392MedMay 15, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some…

  • CVE-2024-20258MedMay 15, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due…

  • CVE-2022-20784MedApr 6, 2022
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This…

  • CVE-2019-1933MedJul 6, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper input validation of certain email…

  • CVE-2019-1905MedJun 20, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of…

  • CVE-2019-1831MedApr 18, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email…

  • CVE-2016-1411MedDec 14, 2016
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update…

  • CVE-2024-20504MedNov 6, 2024
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a…

  • CVE-2023-20120MedJun 28, 2023
    risk 0.35cvss 5.4epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance…

  • CVE-2023-20028MedJun 28, 2023
    risk 0.35cvss 5.4epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance…

Page 1 of 2