Latest cisco asyncos Vulnerabilities

CVE-2020-26082
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are co...
Cisco AsyncOS<13.5.2
Cisco Email Security Appliance C170
Cisco Email Security Appliance C190
Cisco Email Security Appliance C380
Cisco Email Security Appliance C390
Cisco Email Security Appliance C680
and 10 more
CVE-2023-20215
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a ne...
Cisco AsyncOS=11.7.0-406
Cisco AsyncOS=11.7.0-418
Cisco AsyncOS=11.7.1-006
Cisco AsyncOS=11.7.1-020
Cisco AsyncOS=11.7.1-049
Cisco AsyncOS=11.7.2-011
and 58 more
CVE-2022-20952
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker ...
Cisco AsyncOS>=11.8<14.0.4
Cisco AsyncOS=14.5.0
Cisco S195
Cisco S395
Cisco S695
Cisco AsyncOS>=11.8<14.0.4
and 4 more
CVE-2023-20057
A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters o...
Cisco AsyncOS
Cisco Email Security Appliance C160
Cisco Email Security Appliance C170
Cisco Email Security Appliance C190
Cisco Email Security Appliance C370
Cisco Email Security Appliance C370d
and 20 more
CVE-2022-20942
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security ...
Cisco AsyncOS<14.2.1-015
Cisco AsyncOS>=14.3.0<14.3.0-023
Cisco Secure Email Gateway
Cisco AsyncOS<14.2.0-217
Cisco AsyncOS>=14.3.0<14.3.0-115
Cisco Secure Email and Web Manager
and 14 more
CVE-2022-20868
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker...
Cisco AsyncOS>=13.0<14.2.1
Cisco Secure Email Gateway
Cisco AsyncOS>=12.0<14.2.0
Cisco Secure Email and Web Manager
Cisco AsyncOS>=11.8<12.5.5
Cisco AsyncOS>=14.0<14.0.4
and 10 more
CVE-2022-20867
A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection...
Cisco AsyncOS>=13.0<14.2.1
Cisco Secure Email Gateway
Cisco AsyncOS>=12.0<14.2.0
Cisco Secure Email and Web Manager
Cisco AsyncOS>=13.0<14.2.1
Cisco Secure Email Gateway
and 2 more
cisco-sa-esasmawsa-vulns-YRuSW5mD
Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management Vulnerabilities
Cisco AsyncOS=14.3<14.3.0-0201>=13.0=13.5=14.0<=14.2<14.2.1-015
Cisco AsyncOS=14.3<14.3.0-1151>=12.0=12.5=12.8=13.0=13.6=13.8=14.0=14.1<=14.2<14.2.0-217
Cisco AsyncOS=14.5<14.5.1 (Nov 2022)=14.0<14.0.4 (Jan 2023)>=11.8=12.0<=12.5<12.5.5-004
cisco-sa-cnt-sec-infodiscl-BVKKnUG
Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability
Cisco AsyncOS=14.3<14.3.0-0232>=12.0 and earlier=13.0=14.0=14.1<=14.2<14.2.1-015
Cisco AsyncOS=14.3<14.3.0-1152>=12.0 and earlier=13.0=14.0=14.1<=14.2<14.2.0-217
Cisco AsyncOS=14.0<14.0.2-012=12.5<12.5.4-005>=11.0 and earlier<=12.0<12.0.5-011
cisco-sa-sma-esa-auth-bypass-66kEcxQD
Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
Cisco AsyncOS=14.1<14.1.0-250=14.0<14.0.0-418=13.8<13.8.1-090=13.6<13.6.2-090>=11 and earlier=12=12.8<=13.0<13.0.0-277
Cisco AsyncOS=14<14.0.1-033<11=11=12<=13<13.0.5-001
CVE-2022-20781
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scri...
Cisco AsyncOS<14.5
Cisco Web Security Appliance
CVE-2022-20675
A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could a...
Cisco AsyncOS>=14.0<14.02.0-020
Cisco Email Security Appliance
Cisco AsyncOS>=12.5<14.1.0-239
Cisco Secure Email and Web Manager
Cisco AsyncOS>=12.0<14.0.2-012
Cisco Web Security Appliance
CVE-2022-20653
A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated,...
Cisco AsyncOS<13.0.3
Cisco AsyncOS>=13.5.0<13.5.4.102
Cisco AsyncOS>=14.0<14.0.2.020
CVE-2021-34741
A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) ...
Cisco AsyncOS<13.0.4
Cisco AsyncOS=13.5.3-010
Cisco AsyncOS=13.7.0-093
Cisco M170
Cisco M190
Cisco M380
and 8 more
CVE-2021-34698
A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS...
Cisco AsyncOS>=12.0<12.0.3-005
Cisco AsyncOS>=12.5<12.5.2-007
Cisco AsyncOS>=14.0<14.0.1-014
Cisco Web Security Appliance S170
Cisco Web Security Appliance S190
Cisco Web Security Appliance S380
and 4 more
CVE-2021-1534
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation fi...
Cisco AsyncOS<14.0.1
Cisco Email Security Appliance C170
Cisco Email Security Appliance C190
Cisco Email Security Appliance C380
Cisco Email Security Appliance C390
Cisco Email Security Appliance C680
and 2 more
CVE-2021-1359
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privilege...
Cisco Web Security Appliance=11.8.0-429
Cisco Web Security Appliance=11.8.0-453
Cisco AsyncOS>=11.8.0<12.0.3-005
Cisco AsyncOS>=12.5.0<12.5.2
cisco-sa-esa-wsa-cert-vali-n8L97RW
Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability
Cisco AsyncOS=13.5<13.5.3-010=13.0<13.0.0-030=12.5<12.5.3-035>=.5<12<Migrate to 12.5.3-035
Cisco AsyncOS=12.5<12.5.1-043=12.0<12.0.3-005=11.8<11.8.3-021>=.8<11<Migrate to 11.8.3-021
CVE-2020-3568
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation fi...
Cisco AsyncOS<=13.5.2
CVE-2019-1947
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization t...
Cisco Email Security Appliance=11.1.0-131
Cisco AsyncOS=12.1.0-085
CVE-2019-1983
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthent...
Cisco Content Security Management Appliance=11.4.0-812
Cisco AsyncOS<11.0.1-161
Cisco AsyncOS>=12.0<=12.5.0-633
Cisco Email Security Appliance=11.0.1-hp5-602
Cisco Email Security Appliance=11.1.0-404
Cisco AsyncOS<11.0.3-251
and 1 more
CVE-2020-3547
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appl...
Cisco AsyncOS<=13.5.1-277
Cisco Email Security Appliance
Cisco AsyncOS<=13.6.1-193
Cisco Content Security Management Appliance
Cisco AsyncOS<=11.7.2-011
Cisco Web Security Appliance
CVE-2020-3546
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information...
Cisco AsyncOS<=13.5.1
Cisco Email Security Appliance
CVE-2020-3368
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation fi...
Cisco AsyncOS<13.5.0
Cisco Email Security Appliance
CVE-2019-15956
Cisco AsyncOS>=10.1<10.1.5-004
Cisco AsyncOS>=10.5<11.5.3-016
Cisco AsyncOS>=11.7<11.7.1-006
Cisco Web Security Appliance=10.5.2-072
Cisco Web Security Appliance=11.5.1-fcs-125
Cisco Web Security Appliance=11.7.0-fcs-418
CVE-2019-1886
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is...
Cisco AsyncOS>=10.5<10.5.5-005
Cisco AsyncOS>=11.5<11.5.2-020
Cisco Web Security Appliance=10.5.2-072
Cisco Web Security Appliance=10.5.3-025
Cisco Web Security Appliance=11.7.0-fcs-334
CVE-2019-1884
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to cause a denial of service (DoS) conditi...
Cisco AsyncOS>=10.1<10.5.5-005
Cisco AsyncOS>=11.5<11.5.2-020
Cisco AsyncOS>=11.7<11.7.0-407
Cisco Web Security Appliance=10.1.4-017
Cisco Web Security Appliance=10.5.2-072
Cisco Web Security Appliance=11.5.1-fcs-125
and 1 more
CVE-2018-15460
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization ...
Cisco AsyncOS<11.0.2-044_md
Cisco AsyncOS>=11.1.0<11.1.2-023_md
Cisco Email Security Appliance

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203