Cisco Ironport Asyncos — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Ironport Asyncos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2013-3383 — CVSS 9.0 (critical): The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before…
CVE-2013-3384 — CVSS 9.0 (critical): The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before…
CVE-2014-2119 — CVSS 8.5 (high): The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x…
CVE-2013-3385 — CVSS 7.8 (high): The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838…
CVE-2013-3386 — CVSS 7.8 (high): The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before…
CVE-2009-1162 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X…
CVE-2014-3289 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web management interface in Cisco AsyncOS on the Email Security Appliance (ESA) 8.0, Web…