Cisco

Content Security Management Appliance

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-4288

  • EPSS 0.14%
  • Published 29.07.2015 01:59:06
  • Last modified 12.04.2025 10:46:40

The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-...

4.3

CVE-2015-0624

Exploit
  • EPSS 0.15%
  • Published 21.02.2015 11:59:02
  • Last modified 12.04.2025 10:46:40

The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412...

4.3

CVE-2014-3289

Exploit
  • EPSS 0.66%
  • Published 10.06.2014 11:19:35
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and earlier, and Content Security Management Appliance (SMA) 8.3 an...

4.3

CVE-2014-2195

  • EPSS 0.32%
  • Published 20.05.2014 11:13:37
  • Last modified 12.04.2025 10:46:40

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group...

8.5

CVE-2014-2119

  • EPSS 1.37%
  • Published 21.03.2014 01:04:02
  • Last modified 12.04.2025 10:46:40

The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 ...

7.8

CVE-2013-5537

  • EPSS 0.39%
  • Published 24.10.2013 10:53:09
  • Last modified 11.04.2025 00:51:21

The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a d...

6.8

CVE-2013-3395

  • EPSS 0.12%
  • Published 02.07.2013 03:43:34
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hi...

4.3

CVE-2013-3396

  • EPSS 0.26%
  • Published 26.06.2013 21:55:01
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management on Security Management Appliance (SMA) devices allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID ...