Cisco

Web Security Appliance

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2020-3117

  • EPSS 0.07%
  • Veröffentlicht 23.09.2020 01:15:14
  • Zuletzt bearbeitet 21.11.2024 05:30:21

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's resp...

6.1

CVE-2019-15969

  • EPSS 0.15%
  • Veröffentlicht 23.09.2020 01:15:13
  • Zuletzt bearbeitet 21.11.2024 04:29:50

A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulne...

5.3

CVE-2020-3164

  • EPSS 0.81%
  • Veröffentlicht 04.03.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:30:27

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker ...

8.8

CVE-2019-15956

  • EPSS 0.2%
  • Veröffentlicht 26.11.2019 03:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:49

A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability is due to ...

8.6

CVE-2019-1886

  • EPSS 0.85%
  • Veröffentlicht 04.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:36

A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets ...

6.5

CVE-2019-1884

  • EPSS 0.38%
  • Veröffentlicht 04.07.2019 20:15:10
  • Zuletzt bearbeitet 21.11.2024 04:37:36

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due...

7.5

CVE-2019-1817

  • EPSS 0.67%
  • Veröffentlicht 03.05.2019 17:29:01
  • Zuletzt bearbeitet 21.11.2024 04:37:26

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to ...

7.8

CVE-2019-1816

  • EPSS 0.07%
  • Veröffentlicht 03.05.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:26

A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The vulnerability is due to insufficient validation ...

5.8

CVE-2019-1672

  • EPSS 0.18%
  • Veröffentlicht 08.02.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:03

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have bee...

8.6

CVE-2018-0410

  • EPSS 2.09%
  • Veröffentlicht 15.08.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:10

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. T...