CVE-2015-0577
- EPSS 0.33%
- Published 14.01.2015 19:59:01
- Last modified 12.04.2025 10:46:40
Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote attackers to inject arb...
- EPSS 0.16%
- Published 19.10.2014 01:55:13
- Last modified 12.04.2025 10:46:40
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934.
CVE-2014-2195
- EPSS 0.32%
- Published 20.05.2014 11:13:37
- Last modified 12.04.2025 10:46:40
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group...