Cisco Content Security Management Appliance vulnerabilities

5 known vulnerabilities affecting cisco/cisco_content_security_management_appliance.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2021-1561MEDIUMCVSS 5.4vn/a2021-08-18
CVE-2021-1561 [MEDIUM] CWE-302 CVE-2021-1561: A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This vulnerability exists because access to the spam quarantine feature is not prope
cvelistv5nvd
CVE-2021-1447MEDIUMCVSS 6.7vn/a2021-05-06
CVE-2021-1447 [MEDIUM] CWE-269 CVE-2021-1447: A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Ma A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An attacker could exploit this vulnerability by enabling spec
cvelistv5nvd
CVE-2020-3178MEDIUMCVSS 6.1vn/a2020-05-06
CVE-2020-3178 [MEDIUM] CWE-601 CVE-2020-3178: Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security M Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an HTTP request. An attacker could exploit these vulnerab
cvelistv5nvd
CVE-2019-12635MEDIUMCVSS 4.3≥ unspecified, < 12.5.02019-09-05
CVE-2019-12635 [MEDIUM] CWE-285 CVE-2019-12635: A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Sof A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by usi
cvelistv5nvd
CVE-2018-15393MEDIUMCVSS 6.1vn/a2018-11-08
CVE-2018-15393 [MEDIUM] CWE-79 CVE-2018-15393: A vulnerability in the web-based management interface of Cisco Content Security Management Appliance A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-b
cvelistv5nvd