The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cisco Secure Email Appliance

Cisco Email Security Appliance, Content Security Management Appliance: mail disclosure
An attacker can tamper with the spam manager of Cisco Email Security Appliance and Content Security Management Appliance, in order to get any any mail...
cisco-sa-20180207-esacsm, CVE-2018-0140, VIGILANCE-VUL-25252
Cisco ESA/SMA: privilege escalation via CLI
An attacker can bypass restrictions via CLI of Cisco ESA/SMA, in order to escalate his privileges...
CERTFR-2018-AVI-042, cisco-sa-20180117-esasma, CSCvb34303, CSCvb35726, CVE-2018-0095, VIGILANCE-VUL-25102
Cisco Email Security Appliance: privilege escalation via MIME Header
An attacker can bypass restrictions via MIME Header of Cisco Email Security Appliance, in order to escalate his privileges...
cisco-sa-20171129-esa, CSCvf44666, CVE-2017-12353, VIGILANCE-VUL-24577
Cisco ESA/SMA: read-write access via HTTP Response Splitting
An attacker can bypass access restrictions via HTTP Response Splitting of Cisco ESA/SMA, in order to read or alter data...
cisco-sa-20171115-esa, CSCvf16705, CSCvj76180, CVE-2017-12309, VIGILANCE-VUL-24477
Cisco ESA: memory leak via Attachments
An attacker can create a memory leak via Attachments of Cisco ESA, in order to trigger a denial of service...
CERTFR-2017-AVI-317, cisco-sa-20170920-esa, CSCvd29354, CVE-2017-12215, VIGILANCE-VUL-23896
Cisco Email Security Appliance: delivery of malicious EML attachment
The Cisco Email Security Appliance product does not correctly filter EML attachments...
cisco-sa-20170906-esa, CSCuz81533, CVE-2017-12218, VIGILANCE-VUL-23765
Cisco WSA/ESA/SMA: information disclosure via SNMP Polling
An attacker can bypass access restrictions to data via SNMP Polling of Cisco WSA/ESA/SMA, in order to obtain sensitive information...
CERTFR-2017-AVI-269, cisco-sa-20170816-csa, CSCve26106, CSCve26202, CSCve26224, CVE-2017-6783, VIGILANCE-VUL-23555
Cisco Email Security and Content Security Management Appliance: Cross Site Scripting
An attacker can trigger a Cross Site Scripting in Cisco Email Security Appliance and Content Security Management Appliance, in order to run JavaScript code in the context of the web site...
cisco-sa-20170607-esa, CVE-2017-6661, VIGILANCE-VUL-22926
OpenSSL: denial of service via the "Encrypt-Then-Mac" option
An attacker can change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service...
2003480, 2003620, 2003673, 2004940, CERTFR-2017-AVI-035, cisco-sa-20170130-openssl, cpuapr2019, cpujan2018, cpuoct2017, CVE-2017-3733, HPESBGN03728, VIGILANCE-VUL-21871
Cisco AsyncOS: filtering bypass via MIME typing
An attacker can tamper with MIME headers in SMTP and HTTP connections filtered by Cisco AsyncOS, in order to bypass the content filtering...
CERTFR-2017-AVI-052, cisco-sa-20170215-asyncos, CVE-2017-3827, VIGILANCE-VUL-21863
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco Secure Email Appliance: