Vulnerabilities > Cisco > Secure Email AND WEB Manager > 13.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-01 | CVE-2023-20009 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco products A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. | 7.2 |
| 2022-06-15 | CVE-2022-20798 | Improper Authentication vulnerability in Cisco products A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. | 9.8 |