Vulnerabilities > Cisco > Email Security Appliance Firmware > 9.0.0.461

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2019-15988 Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device.
network
low complexity
cisco CWE-20
5.0
5.0
2019-11-26 CVE-2019-15971 Insufficient Verification of Data Authenticity vulnerability in Cisco Email Security Appliance Firmware
A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device.
network
cisco CWE-345
4.3
4.3
2019-10-02 CVE-2019-12706 Improper Input Validation vulnerability in Cisco Email Security Appliance Firmware
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device.
network
low complexity
cisco CWE-20
5.0
5.0
2015-07-10 CVE-2015-4236 Resource Management Errors vulnerability in Cisco products
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636.
network
cisco CWE-399
4.3
4.3