Cisco Content Security Management Appliance — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Content Security Management Appliance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2014-2119 — CVSS 8.5 (high): The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x…
CVE-2015-6321 — CVSS 7.8 (high): Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security…
CVE-2013-5537 — CVSS 7.8 (high): The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA)…
CVE-2016-2183 — CVSS 7.5 (high): The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of…
CVE-2013-3395 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security…
CVE-2021-1447 — CVSS 6.7 (medium): A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an…
CVE-2018-0140 — CVSS 6.5 (medium): A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an…
CVE-2020-3178 — CVSS 6.1 (medium): Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow…
CVE-2017-6661 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management…
CVE-2016-6416 — CVSS 5.9 (medium): The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA)…
CVE-2016-1411 — CVSS 5.9 (medium): A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security…
CVE-2015-4322 — CVSS 5.5 (medium): Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after…
CVE-2020-3447 — CVSS 5.5 (medium): A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security…
CVE-2019-1983 — CVSS 5.3 (medium): A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content…
CVE-2021-1129 — CVSS 5.3 (medium): A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content…
CVE-2020-3164 — CVSS 5.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security…
CVE-2015-6288 — CVSS 5.0 (medium): Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause…
CVE-2018-15393 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an…
CVE-2020-3117 — CVSS 4.7 (medium): A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management…
CVE-2014-3289 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web…
CVE-2017-6783 — CVSS 4.3 (medium): A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management…
CVE-2014-2195 — CVSS 4.3 (medium): Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled…
CVE-2015-0624 — CVSS 4.3 (medium): The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security…
CVE-2015-4288 — CVSS 4.3 (medium): The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security…
CVE-2013-3396 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management on Security Management Appliance (SMA)…
CVE-2021-1516 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA)…
CVE-2019-12635 — CVSS 4.3 (medium): A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated…