The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of AsyncOS

cybersecurity note CVE-2019-1955

Cisco ESA: privilege escalation via SPF Header Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via SPF Header Bypass of Cisco ESA, in order to escalate his privileges.
Severity: 2/4.
Creation date: 08/08/2019.
Identifiers: CERTFR-2019-AVI-377, cisco-sa-20190807-esm-inject, CSCvp27126, CVE-2019-1955, VIGILANCE-VUL-29979.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via SPF Header Bypass of Cisco ESA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

threat CVE-2019-1933

Cisco Email Security Appliance: privilege escalation via Script Filter Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via Script Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Severity: 2/4.
Creation date: 04/07/2019.
Identifiers: CERTFR-2019-AVI-304, cisco-sa-20190703-esa-filterpass, CSCvo55451, CVE-2019-1933, VIGILANCE-VUL-29688.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Script Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

weakness alert CVE-2019-1921

Cisco Email Security Appliance: privilege escalation via Content Filter Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Severity: 2/4.
Creation date: 04/07/2019.
Identifiers: CERTFR-2019-AVI-304, cisco-sa-20190703-esa-bypass, CSCvp88949, CVE-2019-1921, VIGILANCE-VUL-29687.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2019-1905

Cisco Email Security Appliance: privilege escalation via GZIP Content Filter Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via GZIP Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Severity: 2/4.
Creation date: 20/06/2019.
Identifiers: CERTFR-2019-AVI-284, cisco-sa-20190619-esa-bypass, CSCvo82840, CVE-2019-1905, VIGILANCE-VUL-29570.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via GZIP Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer weakness announce CVE-2019-1816

Cisco Web Security Appliance: code execution via Log Subscription Subsystem

Synthesis of the vulnerability

An attacker can use a vulnerability via Log Subscription Subsystem of Cisco Web Security Appliance, in order to run code.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: CERTFR-2019-AVI-193, cisco-sa-20190501-wsa-privesc, CSCvk68106, CVE-2019-1816, VIGILANCE-VUL-29190.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use a vulnerability via Log Subscription Subsystem of Cisco Web Security Appliance, in order to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity note CVE-2019-1844

Cisco Email Security Appliance: privilege escalation via Filter Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Severity: 2/4.
Creation date: 02/05/2019.
Identifiers: cisco-sa-20190501-esa-bypass, CSCvm36810, CVE-2019-1844, VIGILANCE-VUL-29187.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

cybersecurity announce CVE-2019-1831

Cisco Email Security Appliance: privilege escalation via Content Filter Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Severity: 2/4.
Creation date: 18/04/2019.
Identifiers: cisco-sa-20190417-esa-filter-bypass, CSCvo01349, CSCvo78686, CVE-2019-1831, VIGILANCE-VUL-29082.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Content Filter Bypass of Cisco Email Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-1672

Cisco Web Security Appliance: privilege escalation via Decryption Policy Bypass

Synthesis of the vulnerability

An attacker can bypass restrictions via Decryption Policy Bypass of Cisco Web Security Appliance, in order to escalate his privileges.
Severity: 2/4.
Creation date: 07/02/2019.
Identifiers: cisco-sa-20190206-wsa-bypass, CSCvm91630, CVE-2019-1672, VIGILANCE-VUL-28461.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Decryption Policy Bypass of Cisco Web Security Appliance, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2018-15460

Cisco Email Security Appliance: infinite loop via URL Filtering

Synthesis of the vulnerability

An attacker can trigger an infinite loop via URL Filtering of Cisco Email Security Appliance, in order to trigger a denial of service.
Severity: 3/4.
Creation date: 10/01/2019.
Identifiers: CERTFR-2019-AVI-012, cisco-sa-20190109-esa-url-dos, CSCvm81627, CVE-2018-15460, VIGILANCE-VUL-28204.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger an infinite loop via URL Filtering of Cisco Email Security Appliance, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity weakness CVE-2018-15453

Cisco Email Security Appliance: memory corruption via S/MIME

Synthesis of the vulnerability

An attacker can trigger a memory corruption via S/MIME of Cisco Email Security Appliance, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 10/01/2019.
Identifiers: CERTFR-2019-AVI-012, cisco-sa-20190109-esa-dos, CSCvk73786, CVE-2018-15453, VIGILANCE-VUL-28203.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can trigger a memory corruption via S/MIME of Cisco Email Security Appliance, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about AsyncOS: