Vulnerabilities > Cisco > Asyncos > 13.5.1

DATE CVE VULNERABILITY TITLE RISK
2020-10-08 CVE-2020-3568 Improper Input Validation vulnerability in Cisco Asyncos
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device.
network
low complexity
cisco CWE-20
5.8
5.8
2020-09-04 CVE-2020-3547 Insufficiently Protected Credentials vulnerability in Cisco Asyncos
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device.
network
low complexity
cisco CWE-522
6.5
6.5
2020-09-04 CVE-2020-3546 Improper Input Validation vulnerability in Cisco Asyncos
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
network
low complexity
cisco CWE-20
5.3
5.3