Cisco Email Security Appliance Firmware vulnerabilities

CVE-2022-20772 [MEDIUM] CWE-113 CVE-2022-20772: A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by

CVE-2019-15961 [HIGH] CWE-20 CVE-2019-15961: A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101 A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email

CVE-2019-15988 [MEDIUM] CWE-20 CVE-2019-15988: A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Secu A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting

CVE-2019-15971 [MEDIUM] CWE-20 CVE-2019-15971: A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appli A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending a crafted

CVE-2019-12706 [HIGH] CWE-20 CVE-2019-12706: A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cis A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages.

CVE-2019-1955 [HIGH] CWE-20 CVE-2019-1955: A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cis A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to incomplete input and validation checking mechanisms for certain SPF messages that are sent to an

CVE-2018-15453 [HIGH] CWE-20 CVE-2018-15453: A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verifica A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause an affected device to corrupt system memory. A successful exploit could cause the fi

CVE-2018-0140 [MEDIUM] CWE-200 CVE-2018-0140: A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker co

CVE-2017-12309 [MEDIUM] CWE-113 CVE-2017-12309: A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote a A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, con

CVE-2017-6671 [HIGH] CWE-20 CVE-2017-6671: A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security App A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device, as demonstrated by the Attachment Filter. More Information: CSCvd34632. Known Affected Releases: 10.0.1-087 9.7.1-066. Known Fixed Releases: 10.0.2-020

CVE-2017-3827 [MEDIUM] CWE-20 CVE-2017-3827: A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Softwar A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: This vulnerability affects all releases prior to the first f

CVE-2017-3818 [MEDIUM] CWE-20 CVE-2017-3818: A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Softwar A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device, aka a Malformed MIME Header Filtering Bypass. This vulnerability affects all releases prior to the first fixed re

CVE-2016-6458 [HIGH] CWE-20 CVE-2016-6458: A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Sec A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass content filters configured on an affected device. Email that should have been filtered could instead be forwarded by the device. This vulnerability affects all releases prior to the

CVE-2016-6462 [MEDIUM] CWE-20 CVE-2016-6462: A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Secur A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Softw

CVE-2016-6463 [MEDIUM] CWE-20 CVE-2016-6463: A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Secur A vulnerability in the email filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to bypass Advanced Malware Protection (AMP) filters that are configured for an affected device. This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Softw

CVE-2016-6406 [CRITICAL] CWE-264 CVE-2016-6406: Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017.

CVE-2015-6309 [MEDIUM] CWE-399 CVE-2015-6309: Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to ca Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.

CVE-2015-0732 [MEDIUM] CWE-79 CVE-2015-0732: Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0- Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuu37

CVE-2015-4278 [MEDIUM] CWE-20 CVE-2015-4278: Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote atta Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.

CVE-2015-4236 [MEDIUM] CWE-399 CVE-2015-4236: Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0. Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636.