Vulnerabilities > Cisco > Content Security Management Appliance > 9.1.0.004

DATE CVE VULNERABILITY TITLE RISK
2016-12-14 CVE-2016-1411 Cryptographic Issues vulnerability in Cisco products
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server.
network
high complexity
cisco CWE-310
5.9
2016-10-05 CVE-2016-6416 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.
network
high complexity
cisco CWE-119
5.9