Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cisco Subscribe
Filtered by product Content Security Management Appliance
Total 28 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-0140 1 Cisco 19 Content Security Management Appliance, Content Security Management Appliance Sma M190, Content Security Management Appliance Sma M390 and 16 more 2023-02-21 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295.
CVE-2016-2183 6 Cisco, Nodejs, Openssl and 3 more 9 Content Security Management Appliance, Node.js, Openssl and 6 more 2023-02-12 5.0 MEDIUM 7.5 HIGH
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
CVE-2021-1516 1 Cisco 5 Asyncos, Content Security Management Appliance, Email Security Appliance and 2 more 2021-05-14 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.
CVE-2021-1447 1 Cisco 1 Content Security Management Appliance 2021-05-14 7.2 HIGH 6.7 MEDIUM
A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An attacker could exploit this vulnerability by enabling specific Administrator-only features and connecting to the appliance through the CLI with elevated privileges. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. To exploit this vulnerability, the attacker must have valid Administrator credentials.
CVE-2021-1129 1 Cisco 3 Content Security Management Appliance, Email Security Appliance, Web Security Appliance 2021-01-27 5.0 MEDIUM 5.3 MEDIUM
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure.
CVE-2019-12635 1 Cisco 1 Content Security Management Appliance 2020-10-08 3.5 LOW 4.3 MEDIUM
A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.
CVE-2020-3117 1 Cisco 2 Content Security Management Appliance, Web Security Appliance 2020-10-01 4.3 MEDIUM 4.7 MEDIUM
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser.
CVE-2019-1983 1 Cisco 3 Asyncos, Content Security Management Appliance, Email Security Appliance 2020-10-01 7.8 HIGH 5.3 MEDIUM
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of email attachments. An attacker could exploit this vulnerability by sending an email message with a crafted attachment through an affected device. A successful exploit could allow the attacker to cause specific processes to crash repeatedly, resulting in the complete unavailability of both the Cisco Advanced Malware Protection (AMP) and message tracking features and in severe performance degradation while processing email. After the affected processes restart, the software resumes filtering for the same attachment, causing the affected processes to crash and restart again. A successful exploit could also allow the attacker to cause a repeated DoS condition. Manual intervention may be required to recover from this situation.
CVE-2020-3547 1 Cisco 4 Asyncos, Content Security Management Appliance, Email Security Appliance and 1 more 2020-09-16 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because an insecure method is used to mask certain passwords on the web-based management interface. An attacker could exploit this vulnerability by looking at the raw HTML code that is received from the interface. A successful exploit could allow the attacker to obtain some of the passwords configured throughout the interface.
CVE-2020-3447 1 Cisco 2 Content Security Management Appliance, Email Security Appliance 2020-08-20 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive verbosity in certain log subscriptions. An attacker could exploit this vulnerability by accessing specific log files on an affected device. A successful exploit could allow the attacker to obtain sensitive log data, which may include user credentials. To exploit this vulnerability, the attacker would need to have valid credentials at the operator level or higher on the affected device.
CVE-2020-3178 1 Cisco 1 Content Security Management Appliance 2020-05-12 5.8 MEDIUM 6.1 MEDIUM
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an HTTP request. An attacker could exploit these vulnerabilities by intercepting an HTTP request and modifying it to redirect a user to a specific malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious web page or to obtain sensitive browser-based information. This type of attack is commonly referred to as an open redirect attack and is used in phishing attacks to get users to unknowingly visit malicious sites.
CVE-2020-3164 1 Cisco 4 Cloud Email Security, Content Security Management Appliance, Email Security Appliance and 1 more 2020-03-05 5.0 MEDIUM 5.3 MEDIUM
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded.
CVE-2018-15393 1 Cisco 1 Content Security Management Appliance 2019-10-09 4.3 MEDIUM 6.1 MEDIUM
A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
CVE-2013-3395 1 Cisco 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance 2018-10-30 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634.
CVE-2013-5537 1 Cisco 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance 2018-10-30 7.8 HIGH N/A
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management GUI outage) via multiple TCP connections, aka Bug IDs CSCuj59411, CSCuf89818, and CSCuh05635.
CVE-2014-2119 1 Cisco 3 Content Security Management Appliance, Email Security Appliance Firmware, Ironport Asyncos 2018-10-30 8.5 HIGH N/A
The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118.
CVE-2014-2195 1 Cisco 3 Asyncos, Content Security Management Appliance, Email Security Appliance Firmware 2018-10-30 4.3 MEDIUM N/A
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.
CVE-2014-3289 1 Cisco 4 Content Security Management Appliance, Email Security Appliance Firmware, Ironport Asyncos and 1 more 2018-10-30 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web Security Appliance (WSA) 8.0 (.5 Hot Patch 1) and earlier, and Content Security Management Appliance (SMA) 8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, as demonstrated by the date_range parameter to monitor/reports/overview on the IronPort ESA, aka Bug IDs CSCun07998, CSCun07844, and CSCun07888.
CVE-2015-0624 1 Cisco 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance 2018-10-30 4.3 MEDIUM N/A
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639.
CVE-2015-4322 1 Cisco 1 Content Security Management Appliance 2017-09-19 5.5 MEDIUM N/A
Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894.