Cisco Content Security Management Appliance vulnerabilities
18 known vulnerabilities affecting cisco/content_security_management_appliance.
Total CVEs: 18
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 16
Vulnerabilities
CVE-2021-1447 | MEDIUM | CVSS 6.7 | CWE-269 | fixed in 12.8.1-002; ≥ 13.0.0-249, < 13.8.1-068 | 2021-05-06
A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An attacker could exploit this vulnerability by enabling spec
nvd
CVE-2021-1129 | MEDIUM | CVSS 5.3 | CWE-201 | v12.5.0 | 2021-01-20
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected
nvd
CVE-2020-3117 | MEDIUM | CVSS 4.7 | CWE-113 | fixed in 13.0.0-187 | 2020-09-23
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this
nvd
CVE-2019-1983 | MEDIUM | CVSS 5.3 | CWE-20 | v11.4.0-812 | 2020-09-23
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (D
nvd
CVE-2020-3447 | MEDIUM | CVSS 6.5 | CWE-532 | fixed in 13.6.1-201 | 2020-08-17
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive verbosity in certain log subscriptions. An attacker could
nvd
CVE-2020-3178 | MEDIUM | CVSS 6.1 | CWE-601 | fixed in 13.6.0 | 2020-05-06
Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an HTTP request. An attacker could exploit these vulnerab
nvd
CVE-2020-3164 | MEDIUM | CVSS 5.3 | CWE-20 | fixed in 13.6.0 | 2020-03-04
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vul
nvd
CVE-2019-12635 | MEDIUM | CVSS 4.3 | CWE-285 | fixed in 12.5.0 | 2019-09-05
A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by usi
nvd
CVE-2018-0140 | MEDIUM | CVSS 6.5 | CWE-200 | v10.0.0-096, v10.1.0-037, +2 more | 2018-02-08
A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker co
nvd
CVE-2017-6783 | MEDIUM | CVSS 4.3 | CWE-200 | v10.1.0-037 | 2017-08-17
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. The vulnerability occurs because the
nvd
CVE-2017-6661 | MEDIUM | CVSS 6.1 | CWE-79 | v10.0.0-203, v10.1.0-049 | 2017-06-13
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka Message Tracking XSS. More Info
nvd
CVE-2016-1411 | MEDIUM | CVSS 5.9 | CWE-310 | v9.1.0, v9.1.0-004, +4 more | 2016-12-14
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. More Information: CSCul88715, CSCul94617, CSCul94627. Known Affected
nvd
CVE-2016-6416 | MEDIUM | CVSS 5.9 | CWE-119 | v9.1.0, v9.1.0-004, +5 more | 2016-10-05
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz8
nvd
CVE-2016-2183 | HIGH | CVSS 7.5 | CWE-200 | v9.6.6-068, v9.7.0-006 | 2016-09-01
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DE
nvd
CVE-2015-6321 | HIGH | CVSS 7.8 | CWE-399 | v7.8.0-328, v7.8.1-001, +14 more | 2015-11-06
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance
nvd
CVE-2015-6288 | MEDIUM | CVSS 5.0 | CWE-399 | v7.8_base | 2015-09-14
Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application fault) via crafted HTTP requests, aka Bug ID CSCuw09620.
nvd
CVE-2015-4322 | MEDIUM | CVSS 5.5 | CWE-264 | v8.3.6-039, v9.1.0-31, +1 more | 2015-08-19
Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894.
nvd
CVE-2015-4288 | MEDIUM | CVSS 4.3 | CWE-310 | v8.3.6-048 | 2015-07-29
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka B
nvd