threat
engine
.sh
Back
·
··:··
Home
/
Product
/
cisco asyncos
Product
cisco asyncos
54 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-20393
< 15.0.5-016
A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and
10.0
CRITICAL
CVE-2020-3122
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could
5.3
MEDIUM
CVE-2025-20185
all versions
A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web
3.4
LOW
CVE-2025-20184
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure We
6.5
MEDIUM
CVE-2025-20183
all versions
A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisc
5.8
MEDIUM
CVE-2025-20180
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure
4.8
MEDIUM
CVE-2021-1425
< 13.8.0
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Ap
4.3
MEDIUM
CVE-2022-20871
all versions
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web
6.3
MEDIUM
CVE-2024-20504
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Ema
5.4
MEDIUM
CVE-2024-20435
all versions
A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbit
8.8
HIGH
CVE-2024-20429
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remo
6.5
MEDIUM
CVE-2024-20392
all versions
A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenti
6.1
MEDIUM
CVE-2024-20383
< 15.5.1-024
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow
4.8
MEDIUM
CVE-2024-20258
< 15.0.2-034
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure
6.1
MEDIUM
CVE-2024-20257
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an auth
4.8
MEDIUM
CVE-2024-20256
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure
4.8
MEDIUM
CVE-2020-26082
< 13.5.2
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an
5.8
MEDIUM
CVE-2023-20215
all versions
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, r
5.8
MEDIUM
CVE-2022-20952
>= 11.8 and < 14.0.4
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Secu
5.3
MEDIUM
CVE-2023-20057
all versions
A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an u
NONE
CVE-2022-20942
< 14.2.1-015
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager,
6.5
MEDIUM
CVE-2022-20868
>= 13.0 and < 14.2.1
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Ci
4.7
MEDIUM
CVE-2022-20867
>= 13.0 and < 14.2.1
A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager
5.4
MEDIUM
CVE-2022-20781
< 14.5
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow
5.4
MEDIUM
CVE-2022-20675
>= 14.0 and < 14.02.0-020
A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure
5.3
MEDIUM
CVE-2022-20653
< 13.0.3
A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software fo
7.5
HIGH
CVE-2021-34741
< 13.0.4
A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an
7.5
HIGH
CVE-2021-34698
>= 12.0 and < 12.0.3-005
A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remot
8.6
HIGH
CVE-2021-1534
< 14.0.1
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could all
5.8
MEDIUM
CVE-2021-1359
>= 11.8.0 and < 12.0.3-005
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticat
6.3
MEDIUM
CVE-2021-1566
< 12.5.3-035
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security
7.4
HIGH
CVE-2020-3367
< 11.7.2-011
A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appli
7.8
HIGH
CVE-2020-3568
<= 13.5.2
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could all
5.8
MEDIUM
CVE-2019-1983
< 11.0.1-161
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisc
5.3
MEDIUM
CVE-2019-1947
all versions
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could al
8.6
HIGH
CVE-2020-3547
<= 13.5.1-277
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Co
4.3
MEDIUM
CVE-2020-3546
<= 13.5.1
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could all
5.3
MEDIUM
CVE-2020-3368
< 13.5.0
A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could all
5.8
MEDIUM
CVE-2019-15956
>= 10.1 and < 10.1.5-004
A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an au
8.8
HIGH
CVE-2019-1886
>= 10.5 and < 10.5.5-005
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attac
8.6
HIGH
CVE-2019-1884
>= 10.1 and < 10.5.5-005
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an aut
7.7
HIGH
CVE-2018-15460
< 11.0.2-044_md
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could a
8.6
HIGH
CVE-2018-0087
all versions
A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log
5.6
MEDIUM
CVE-2018-0095
all versions
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Manageme
7.8
HIGH
CVE-2017-12353
all versions
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security App
5.8
MEDIUM
CVE-2017-12303
all versions
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security A
5.3
MEDIUM
CVE-2017-12215
all versions
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allo
7.1
HIGH
CVE-2017-12218
all versions
A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisc
5.8
MEDIUM
CVE-2016-1461
<= 9.7.0-125
Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via
7.5
HIGH
CVE-2016-1438
all versions
Cisco AsyncOS 9.7.0-125 on Email Security Appliance (ESA) devices allows remote attackers to bypass intended spam filtering via cr
7.5
HIGH
CVE-2015-0605
<= 8.5
The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote atta
CVE-2015-0577
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Ci
CVE-2014-3381
<= 8.5
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze Z
CVE-2014-2195
all versions
Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin