Vulnerabilities > Cisco > Email Security Appliance > 7.6.3.025

DATE CVE VULNERABILITY TITLE RISK
2020-01-26 CVE-2020-3134 Improper Input Validation vulnerability in Cisco Email Security Appliance
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-20
6.4
6.4
2016-12-14 CVE-2016-1411 Cryptographic Issues vulnerability in Cisco products
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server.
network
cisco CWE-310
4.3
4.3
2016-10-28 CVE-2016-6356 Improper Input Validation vulnerability in Cisco Email Security Appliance
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop scanning and forwarding email messages due to a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
7.8
7.8