CVE-2019-15956 — CVSS 8.8 (high): A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an…
CVE-2024-20435 — CVSS 8.8 (high): A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary…
CVE-2019-1886 — CVSS 8.6 (high): A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to…
CVE-2021-34698 — CVSS 8.6 (high): A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote…
CVE-2019-1947 — CVSS 8.6 (high): A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2018-15460 — CVSS 8.6 (high): A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an…
CVE-2020-3367 — CVSS 7.8 (high): A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance)…
CVE-2018-0095 — CVSS 7.8 (high): A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management…
CVE-2019-1884 — CVSS 7.7 (high): A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an…
CVE-2022-20653 — CVSS 7.5 (high): A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco…
CVE-2016-1438 — CVSS 7.5 (high): Cisco AsyncOS 9.7.0-125 on Email Security Appliance (ESA) devices allows remote attackers to bypass intended spam filtering via crafted…
CVE-2016-1461 — CVSS 7.5 (high): Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted…
CVE-2021-34741 — CVSS 7.5 (high): A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2021-1566 — CVSS 7.4 (high): A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security…
CVE-2017-12215 — CVSS 7.1 (high): A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an…
CVE-2022-20942 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and…
CVE-2025-20184 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web…
CVE-2024-20429 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote…
CVE-2022-20871 — CVSS 6.3 (medium): A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security…
CVE-2021-1359 — CVSS 6.3 (medium): A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated…
CVE-2024-20392 — CVSS 6.1 (medium): A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated…
CVE-2024-20258 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email…
CVE-2025-20183 — CVSS 5.8 (medium): A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure…
CVE-2023-20215 — CVSS 5.8 (medium): A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote…
CVE-2020-26082 — CVSS 5.8 (medium): A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2017-12353 — CVSS 5.8 (medium): A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances…
CVE-2020-3368 — CVSS 5.8 (medium): A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2020-3568 — CVSS 5.8 (medium): A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2021-1534 — CVSS 5.8 (medium): A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2017-12218 — CVSS 5.8 (medium): A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisco Email…
CVE-2018-0087 — CVSS 5.6 (medium): A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to…
CVE-2022-20781 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an…
CVE-2022-20867 — CVSS 5.4 (medium): A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could…
CVE-2024-20504 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email…
CVE-2017-12303 — CVSS 5.3 (medium): A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance…
CVE-2022-20675 — CVSS 5.3 (medium): A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and…
CVE-2020-3546 — CVSS 5.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an…
CVE-2022-20952 — CVSS 5.3 (medium): A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security…
CVE-2020-3122 — CVSS 5.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an…
CVE-2019-1983 — CVSS 5.3 (medium): A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content…
CVE-2014-3381 — CVSS 5.0 (medium): The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP…
CVE-2024-20256 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web…
CVE-2024-20383 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an…
CVE-2025-20180 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email…
CVE-2024-20257 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an…
CVE-2022-20868 — CVSS 4.7 (medium): A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco…
CVE-2020-3547 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content…
CVE-2015-0577 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email…
CVE-2015-0605 — CVSS 4.3 (medium): The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to…
CVE-2014-2195 — CVSS 4.3 (medium): Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled…
CVE-2021-1425 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance…
CVE-2025-20185 — CVSS 3.4 (low): A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager…
CVE-2023-20057 — CVSS 0.0 (none): A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an…