cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-20871,https://securityvulnerability.io/vulnerability/CVE-2022-20871,Cisco AsyncOS for Cisco Secure Web Appliance Vulnerability,"A security vulnerability in the web management interface of Cisco Secure Web Appliance could enable an authenticated remote attacker to perform command injection and escalate privileges. This issue arises from insufficient validation of user-supplied input. By authenticating to the device and sending specifically crafted HTTP packets, an attacker may gain the ability to execute arbitrary commands at the root level of the operating system. The requirement for at least read-only credentials makes this vulnerability critical for those with limited access. Cisco has issued software updates to remediate this vulnerability, while currently, no workarounds exist.",Cisco,Cisco Secure Web Appliance,6.3,MEDIUM,0.0005099999834783375,false,false,false,false,,false,false,2024-11-15T15:27:14.028Z,0
CVE-2024-20435,https://securityvulnerability.io/vulnerability/CVE-2024-20435,Cisco AsyncOS for Secure Web Appliance Vulnerability: Arbitrary Command Execution and Privilege Escalation,"A vulnerability exists in the command-line interface (CLI) of Cisco AsyncOS for Secure Web Appliance, which could permit an authenticated local attacker to execute arbitrary commands and elevate privileges to root level. This issue stems from inadequate validation of user-supplied input within the CLI, allowing a malicious actor to authenticate to the system and run a specially crafted command. Successful exploitation would result in the attacker gaining the ability to execute any commands on the underlying operating system and escalate their privileges to root. The exploitation requires at least guest-level credentials.",Cisco,Cisco Secure Web Appliance,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-17T16:27:59.858Z,0
CVE-2024-20256,https://securityvulnerability.io/vulnerability/CVE-2024-20256,Cisco AsyncOS Software Vulnerability Could Lead to XSS Attacks,"A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Email And Web Manager",4.8,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T17:56:38.074Z,0
CVE-2023-20215,https://securityvulnerability.io/vulnerability/CVE-2023-20215,,"A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.
 This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.",Cisco,Cisco Secure Web Appliance,5.3,MEDIUM,0.0008099999977275729,false,false,false,false,,false,false,2023-08-03T22:15:00.000Z,0
CVE-2023-20028,https://securityvulnerability.io/vulnerability/CVE-2023-20028,"Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities","Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0005499999970197678,false,false,false,true,,false,false,2023-06-28T00:00:00.000Z,0
CVE-2023-20120,https://securityvulnerability.io/vulnerability/CVE-2023-20120,"Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities","Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0007399999885819852,false,false,false,true,,false,false,2023-06-28T00:00:00.000Z,0
CVE-2022-20952,https://securityvulnerability.io/vulnerability/CVE-2022-20952,,"A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked.
 This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.",Cisco,Cisco Secure Web Appliance,5.3,MEDIUM,0.0011099999537691474,false,false,false,true,,false,false,2023-03-01T08:15:00.000Z,0
CVE-2023-20032,https://securityvulnerability.io/vulnerability/CVE-2023-20032,Buffer Overflow Vulnerability in ClamAV Scanning Library Affecting Multiple Versions,"On February 15, 2023, a vulnerability was disclosed in the HFS+ partition file parser of ClamAV, enabling potential malicious exploitation. The flaw arises from a lack of buffer size verification, leading to the possibility of a heap buffer overflow. An attacker can exploit this vulnerability by submitting a specifically crafted HFS+ partition file for scanning. A successful attack could result in arbitrary code execution with the same privileges as the ClamAV scanning process, or it could crash the process entirely, causing a denial of service (DoS) situation. For further details, please refer to the ClamAV blog.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal",9.8,CRITICAL,0.003160000080242753,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0
CVE-2022-20868,https://securityvulnerability.io/vulnerability/CVE-2022-20868,,"A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. 

This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.
",Cisco,"Cisco Secure Web Appliance,Cisco Secure Email,Cisco Secure Email And Web Manager",4.7,MEDIUM,0.0033599999733269215,false,false,false,true,,false,false,2022-11-04T18:15:00.000Z,0
CVE-2022-20942,https://securityvulnerability.io/vulnerability/CVE-2022-20942,,"A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.
 This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Email,Cisco Secure Email And Web Manager",6.5,MEDIUM,0.0011599999852478504,false,false,false,true,,false,false,2022-11-04T18:15:00.000Z,0
CVE-2022-20784,https://securityvulnerability.io/vulnerability/CVE-2022-20784,Cisco Web Security Appliance Filter Bypass Vulnerability,"A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to incorrect handling of certain character combinations inserted into a URL. An attacker could exploit this vulnerability by sending crafted URLs to be processed by an affected device. A successful exploit could allow the attacker to bypass the web proxy and access web content that has been blocked by policy.",Cisco,Cisco Web Security Appliance (wsa),5.8,MEDIUM,0.001290000043809414,false,false,false,true,,false,false,2022-04-06T00:00:00.000Z,0
CVE-2022-20781,https://securityvulnerability.io/vulnerability/CVE-2022-20781,Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0006600000197067857,false,false,false,true,,false,false,2022-04-06T00:00:00.000Z,0
CVE-2022-20675,https://securityvulnerability.io/vulnerability/CVE-2022-20675,Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability,"A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0014700000174343586,false,false,false,true,,false,false,2022-04-06T00:00:00.000Z,0
CVE-2021-34698,https://securityvulnerability.io/vulnerability/CVE-2021-34698,Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability,"A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0015899999998509884,false,false,false,true,,false,false,2021-10-06T00:00:00.000Z,0
CVE-2021-34749,https://securityvulnerability.io/vulnerability/CVE-2021-34749,Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability,"A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. This vulnerability is due to inadequate filtering of the SSL handshake. An attacker could exploit this vulnerability by using data from the SSL client hello packet to communicate with an external server. A successful exploit could allow the attacker to execute a command-and-control attack on a compromised host and perform additional data exfiltration attacks.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0017999999690800905,false,false,false,true,,false,false,2021-08-18T00:00:00.000Z,0
CVE-2021-1359,https://securityvulnerability.io/vulnerability/CVE-2021-1359,Cisco Web Security Appliance Privilege Escalation Vulnerability,"A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability.",Cisco,Cisco Web Security Appliance (wsa),6.3,MEDIUM,0.0010400000028312206,false,false,false,true,,false,false,2021-07-08T19:15:00.000Z,0
CVE-2021-1566,https://securityvulnerability.io/vulnerability/CVE-2021-1566,Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability,"A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests.",Cisco,Cisco Web Security Appliance (wsa),7.4,HIGH,0.0014299999456852674,false,false,false,true,,false,false,2021-06-16T00:00:00.000Z,0
CVE-2021-1490,https://securityvulnerability.io/vulnerability/CVE-2021-1490,Cisco Web Security Appliance Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to retrieve a crafted file that contains malicious payload and upload it to the affected device. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,Cisco Web Security Appliance (wsa),4.7,MEDIUM,0.001509999972768128,false,false,false,true,,false,false,2021-05-06T13:15:00.000Z,0
CVE-2021-1516,https://securityvulnerability.io/vulnerability/CVE-2021-1516,"Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.",Cisco,Cisco Web Security Appliance (wsa),4.3,MEDIUM,0.001560000004246831,false,false,false,true,,false,false,2021-05-06T13:15:00.000Z,0
CVE-2021-1271,https://securityvulnerability.io/vulnerability/CVE-2021-1271,Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.",Cisco,Cisco Web Security Appliance (wsa),4.8,MEDIUM,0.0006600000197067857,false,false,false,true,,false,false,2021-01-20T00:00:00.000Z,0
CVE-2021-1129,https://securityvulnerability.io/vulnerability/CVE-2021-1129,"Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0013599999947473407,false,false,false,true,,false,false,2021-01-20T00:00:00.000Z,0
CVE-2020-3367,https://securityvulnerability.io/vulnerability/CVE-2020-3367,Cisco Secure Web Appliance Privilege Escalation Vulnerability,"A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface and CLI. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2020-11-18T00:00:00.000Z,0
CVE-2020-3117,https://securityvulnerability.io/vulnerability/CVE-2020-3117,Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability,"A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser.",Cisco,Cisco Web Security Appliance (wsa),4.7,MEDIUM,0.0008699999889358878,false,false,false,true,,false,false,2020-09-23T01:15:00.000Z,0
CVE-2019-15969,https://securityvulnerability.io/vulnerability/CVE-2019-15969,Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script or HTML code in the context of the interface, which could allow the attacker to gain access to sensitive, browser-based information.",Cisco,Cisco Web Security Appliance (wsa),6.1,MEDIUM,0.001509999972768128,false,false,false,true,,false,false,2020-09-23T01:15:00.000Z,0
CVE-2020-3547,https://securityvulnerability.io/vulnerability/CVE-2020-3547,"Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because an insecure method is used to mask certain passwords on the web-based management interface. An attacker could exploit this vulnerability by looking at the raw HTML code that is received from the interface. A successful exploit could allow the attacker to obtain some of the passwords configured throughout the interface.",Cisco,Cisco Web Security Appliance (wsa),4.3,MEDIUM,0.001500000013038516,false,false,false,true,,false,false,2020-09-04T03:15:00.000Z,0