Vulnerabilities > Cisco > Asyncos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-3546 | Improper Input Validation vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. | 5.3 |
| 2020-06-18 | CVE-2020-3368 | Improper Input Validation vulnerability in Cisco Asyncos A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. | 5.8 |
| 2019-11-26 | CVE-2019-15956 | Unspecified vulnerability in Cisco Asyncos and web Security Appliance A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. | 8.8 |
| 2019-07-04 | CVE-2019-1886 | Improper Certificate Validation vulnerability in Cisco Asyncos and web Security Appliance A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2019-07-04 | CVE-2019-1884 | Improper Input Validation vulnerability in Cisco Asyncos and web Security Appliance A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2019-01-10 | CVE-2018-15460 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Asyncos A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. | 8.6 |
| 2018-03-08 | CVE-2018-0087 | Improper Authentication vulnerability in Cisco Asyncos 10.5.1296 A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to the FTP server of the device without a valid password. | 5.6 |
| 2018-01-18 | CVE-2018-0095 | Unspecified vulnerability in Cisco Asyncos 9.1.1005/9.7.2065 A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. | 7.8 |
| 2017-11-30 | CVE-2017-12353 | Unspecified vulnerability in Cisco Asyncos A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. | 5.8 |
| 2017-11-16 | CVE-2017-12303 | Improperly Implemented Security Check for Standard vulnerability in Cisco Asyncos 10.1.1234/10.1.1235 A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured AMP file filtering rule. | 5.3 |