Vulnerabilities > Cisco > Asyncos > 9.1.1.005
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-3547 | Insufficiently Protected Credentials vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 6.5 |
| 2020-09-04 | CVE-2020-3546 | Improper Input Validation vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. | 5.3 |
| 2020-06-18 | CVE-2020-3368 | Improper Input Validation vulnerability in Cisco Asyncos A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. | 5.8 |
| 2019-01-10 | CVE-2018-15460 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Asyncos A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. | 8.6 |
| 2018-01-18 | CVE-2018-0095 | Unspecified vulnerability in Cisco Asyncos 9.1.1005/9.7.2065 A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. | 7.8 |
| 2016-08-01 | CVE-2016-1461 | Improper Input Validation vulnerability in Cisco Asyncos Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted attachment in an e-mail message, aka Bug ID CSCuz14932. | 7.5 |