CVE-2015-6309
- EPSS 0.31%
- Published 02.10.2015 15:59:03
- Last modified 12.04.2025 10:46:40
Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.
CVE-2015-6285
- EPSS 0.44%
- Published 14.09.2015 01:59:03
- Last modified 12.04.2025 10:46:40
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497.
CVE-2015-4288
- EPSS 0.14%
- Published 29.07.2015 01:59:06
- Last modified 12.04.2025 10:46:40
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-...
CVE-2015-4236
- EPSS 0.6%
- Published 10.07.2015 19:59:00
- Last modified 12.04.2025 10:46:40
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CS...
- EPSS 0.58%
- Published 13.06.2015 10:59:00
- Last modified 12.04.2025 10:46:40
The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733.