threat
engine
.sh
Back
·
··:··
Home
/
Product
/
cisco email security appliance
Product
cisco email security appliance
53 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2020-3548
<= 13.5.1-277
A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email
5.3
MEDIUM
CVE-2023-20075
>= 12.5.0 and < 12.5.3-041
Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands
6.0
MEDIUM
CVE-2023-20009
< 12.5.3-041
A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manage
6.5
MEDIUM
CVE-2022-20960
< 14.2.1-015
A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker
7.5
HIGH
CVE-2022-20798
>= 14.0 and < 14.0.1-033
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Securi
9.8
CRITICAL
CVE-2022-20664
< 14.0.2-020
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Applianc
7.7
HIGH
CVE-2021-1566
all versions
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security
7.4
HIGH
CVE-2021-1516
all versions
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (S
4.3
MEDIUM
CVE-2021-1129
all versions
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco C
5.3
MEDIUM
CVE-2020-3137
<= 13.0.0
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remo
6.1
MEDIUM
CVE-2020-3133
< 13.0
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an un
7.5
HIGH
CVE-2019-1983
all versions
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisc
5.3
MEDIUM
CVE-2019-1947
all versions
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could al
8.6
HIGH
CVE-2020-3447
< 13.5.1
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security
5.5
MEDIUM
CVE-2020-3370
< 13.0.1
A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attac
5.8
MEDIUM
CVE-2020-3181
< 13.0.0
A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Ci
6.5
MEDIUM
CVE-2020-3164
<= 13.0.0-392
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Securit
5.3
MEDIUM
CVE-2020-3132
< 12.5.1-037
A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could all
5.9
MEDIUM
CVE-2020-3134
< 13.0
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an
6.5
MEDIUM
CVE-2019-7489
<= 10.0.2
A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnera
9.8
CRITICAL
CVE-2019-7488
<= 10.0.2
Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance d
9.8
CRITICAL
CVE-2019-1933
all versions
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an un
5.8
MEDIUM
CVE-2019-1921
all versions
A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unaut
5.8
MEDIUM
CVE-2019-1905
all versions
A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an
5.8
MEDIUM
CVE-2019-1844
all versions
A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthentica
5.3
MEDIUM
CVE-2019-1831
all versions
A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an un
5.8
MEDIUM
CVE-2018-0447
all versions
A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) coul
5.3
MEDIUM
CVE-2018-0419
all versions
A vulnerability in certain attachment detection mechanisms of Cisco Email Security Appliances (ESA) could allow an unauthenticated
7.5
HIGH
CVE-2017-6783
all versions
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security M
4.3
MEDIUM
CVE-2017-6661
all versions
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Managemen
6.1
MEDIUM
CVE-2017-3800
all versions
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an
5.8
MEDIUM
CVE-2016-9202
all versions
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthentica
6.1
MEDIUM
CVE-2016-6465
all versions
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web
4.3
MEDIUM
CVE-2016-1411
all versions
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security
5.9
MEDIUM
CVE-2016-6372
all versions
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of C
7.5
HIGH
CVE-2016-6360
all versions
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) c
7.5
HIGH
CVE-2016-6358
all versions
A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause
7.5
HIGH
CVE-2016-6357
all versions
A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security App
7.5
HIGH
CVE-2016-6356
all versions
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow a
7.5
HIGH
CVE-2016-1486
all versions
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS S
7.5
HIGH
CVE-2016-1481
all versions
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow a
7.5
HIGH
CVE-2016-1480
all versions
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security App
7.5
HIGH
CVE-2016-1423
all versions
A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Securit
6.1
MEDIUM
CVE-2016-6416
all versions
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WS
5.9
MEDIUM
CVE-2016-1405
all versions
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) dev
7.5
HIGH
CVE-2015-6321
all versions
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Securi
CVE-2015-6291
all versions
Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance (ESA) devic
CVE-2015-6309
all versions
Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-
CVE-2015-6285
all versions
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of s
CVE-2015-4288
all versions
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content
CVE-2015-4236
all versions
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enab
CVE-2015-4184
all versions
The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attacke
CVE-2014-2879
<= 7.4.5
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin