Vulnerabilities > Cisco > Content Security Management Appliance > 12.8.1.002

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-3117 Unspecified vulnerability in Cisco products
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response.
network
low complexity
cisco
4.7
4.7
2020-08-17 CVE-2020-3447 Information Exposure Through Log Files vulnerability in Cisco products
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.
network
low complexity
cisco CWE-532
6.5
6.5
2020-05-06 CVE-2020-3178 Open Redirect vulnerability in Cisco Content Security Management Appliance
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
network
low complexity
cisco CWE-601
6.1
6.1
2020-03-04 CVE-2020-3164 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
5.3
5.3