cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-20120,https://securityvulnerability.io/vulnerability/CVE-2023-20120,"Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities","Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0007399999885819852,false,false,false,true,,false,false,2023-06-28T00:00:00.000Z,0
CVE-2023-20028,https://securityvulnerability.io/vulnerability/CVE-2023-20028,"Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities","Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0005499999970197678,false,false,false,true,,false,false,2023-06-28T00:00:00.000Z,0
CVE-2022-20784,https://securityvulnerability.io/vulnerability/CVE-2022-20784,Cisco Web Security Appliance Filter Bypass Vulnerability,"A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to incorrect handling of certain character combinations inserted into a URL. An attacker could exploit this vulnerability by sending crafted URLs to be processed by an affected device. A successful exploit could allow the attacker to bypass the web proxy and access web content that has been blocked by policy.",Cisco,Cisco Web Security Appliance (wsa),5.8,MEDIUM,0.001290000043809414,false,false,false,true,,false,false,2022-04-06T00:00:00.000Z,0
CVE-2022-20781,https://securityvulnerability.io/vulnerability/CVE-2022-20781,Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0006600000197067857,false,false,false,true,,false,false,2022-04-06T00:00:00.000Z,0
CVE-2022-20675,https://securityvulnerability.io/vulnerability/CVE-2022-20675,Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability,"A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0014700000174343586,false,false,false,true,,false,false,2022-04-06T00:00:00.000Z,0
CVE-2021-34698,https://securityvulnerability.io/vulnerability/CVE-2021-34698,Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability,"A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0015899999998509884,false,false,false,true,,false,false,2021-10-06T00:00:00.000Z,0
CVE-2021-34749,https://securityvulnerability.io/vulnerability/CVE-2021-34749,Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability,"A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. This vulnerability is due to inadequate filtering of the SSL handshake. An attacker could exploit this vulnerability by using data from the SSL client hello packet to communicate with an external server. A successful exploit could allow the attacker to execute a command-and-control attack on a compromised host and perform additional data exfiltration attacks.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0017999999690800905,false,false,false,true,,false,false,2021-08-18T00:00:00.000Z,0
CVE-2021-1359,https://securityvulnerability.io/vulnerability/CVE-2021-1359,Cisco Web Security Appliance Privilege Escalation Vulnerability,"A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability.",Cisco,Cisco Web Security Appliance (wsa),6.3,MEDIUM,0.0010400000028312206,false,false,false,true,,false,false,2021-07-08T19:15:00.000Z,0
CVE-2021-1566,https://securityvulnerability.io/vulnerability/CVE-2021-1566,Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability,"A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests.",Cisco,Cisco Web Security Appliance (wsa),7.4,HIGH,0.0014299999456852674,false,false,false,true,,false,false,2021-06-16T00:00:00.000Z,0
CVE-2021-1490,https://securityvulnerability.io/vulnerability/CVE-2021-1490,Cisco Web Security Appliance Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to retrieve a crafted file that contains malicious payload and upload it to the affected device. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,Cisco Web Security Appliance (wsa),4.7,MEDIUM,0.001509999972768128,false,false,false,true,,false,false,2021-05-06T13:15:00.000Z,0
CVE-2021-1516,https://securityvulnerability.io/vulnerability/CVE-2021-1516,"Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.",Cisco,Cisco Web Security Appliance (wsa),4.3,MEDIUM,0.001560000004246831,false,false,false,true,,false,false,2021-05-06T13:15:00.000Z,0
CVE-2021-1129,https://securityvulnerability.io/vulnerability/CVE-2021-1129,"Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0013599999947473407,false,false,false,true,,false,false,2021-01-20T00:00:00.000Z,0
CVE-2021-1271,https://securityvulnerability.io/vulnerability/CVE-2021-1271,Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.",Cisco,Cisco Web Security Appliance (wsa),4.8,MEDIUM,0.0006600000197067857,false,false,false,true,,false,false,2021-01-20T00:00:00.000Z,0
CVE-2020-3367,https://securityvulnerability.io/vulnerability/CVE-2020-3367,Cisco Secure Web Appliance Privilege Escalation Vulnerability,"A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface and CLI. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2020-11-18T00:00:00.000Z,0
CVE-2019-15969,https://securityvulnerability.io/vulnerability/CVE-2019-15969,Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script or HTML code in the context of the interface, which could allow the attacker to gain access to sensitive, browser-based information.",Cisco,Cisco Web Security Appliance (wsa),6.1,MEDIUM,0.001509999972768128,false,false,false,true,,false,false,2020-09-23T01:15:00.000Z,0
CVE-2020-3117,https://securityvulnerability.io/vulnerability/CVE-2020-3117,Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability,"A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser.",Cisco,Cisco Web Security Appliance (wsa),4.7,MEDIUM,0.0008699999889358878,false,false,false,true,,false,false,2020-09-23T01:15:00.000Z,0
CVE-2020-3547,https://securityvulnerability.io/vulnerability/CVE-2020-3547,"Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because an insecure method is used to mask certain passwords on the web-based management interface. An attacker could exploit this vulnerability by looking at the raw HTML code that is received from the interface. A successful exploit could allow the attacker to obtain some of the passwords configured throughout the interface.",Cisco,Cisco Web Security Appliance (wsa),4.3,MEDIUM,0.001500000013038516,false,false,false,true,,false,false,2020-09-04T03:15:00.000Z,0
CVE-2020-3164,https://securityvulnerability.io/vulnerability/CVE-2020-3164,"Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.001500000013038516,false,false,false,true,,false,false,2020-03-04T00:00:00.000Z,0
CVE-2019-15956,https://securityvulnerability.io/vulnerability/CVE-2019-15956,Cisco Web Security Appliance Unauthorized Device Reset Vulnerability,"A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization controls for a specific URL in the web management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could have a twofold impact: the attacker could either change the administrator password, gaining privileged access, or reset the network configuration details, causing a denial of service (DoS) condition. In both scenarios, manual intervention is required to restore normal operations.",Cisco,Cisco Web Security Appliance (wsa),8.8,HIGH,0.001610000035725534,false,false,false,true,,false,false,2019-11-26T03:15:00.000Z,0
CVE-2019-1886,https://securityvulnerability.io/vulnerability/CVE-2019-1886,Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability,"A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0009399999980814755,false,false,false,true,,false,false,2019-07-04T20:15:00.000Z,0
CVE-2019-1884,https://securityvulnerability.io/vulnerability/CVE-2019-1884,Cisco Web Security Appliance Web Proxy Denial of Service Vulnerability,"A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation mechanisms for certain fields in HTTP/HTTPS requests sent through an affected device. A successful attacker could exploit this vulnerability by sending a malicious HTTP/HTTPS request through an affected device. An exploit could allow the attacker to force the device to stop processing traffic, resulting in a DoS condition.",Cisco,Cisco Web Security Appliance (wsa),7.7,HIGH,0.0010100000072270632,false,false,false,true,,false,false,2019-07-04T20:15:00.000Z,0
CVE-2019-1817,https://securityvulnerability.io/vulnerability/CVE-2019-1817,Cisco Web Security Appliance Malformed Request Denial of Service Vulnerability,"A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of HTTP and HTTPS requests. An attacker could exploit this vulnerability by sending a malformed HTTP or HTTPS request to an affected device. An exploit could allow the attacker to cause a restart of the web proxy process, resulting in a temporary DoS condition.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0015899999998509884,false,false,false,true,,false,false,2019-05-03T17:29:00.000Z,0
CVE-2019-1816,https://securityvulnerability.io/vulnerability/CVE-2019-1816,Cisco Web Security Appliance Privilege Escalation Vulnerability,"A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The vulnerability is due to insufficient validation of user-supplied input on the web and command-line interface. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0004199999966658652,false,false,false,true,,false,false,2019-05-03T17:29:00.000Z,0
CVE-2019-1672,https://securityvulnerability.io/vulnerability/CVE-2019-1672,Cisco Web Security Appliance Decryption Policy Bypass Vulnerability,"A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected.",Cisco,Cisco Web Security Appliance (wsa),5.8,MEDIUM,0.0010600000387057662,false,false,false,true,,false,false,2019-02-08T18:29:00.000Z,0
CVE-2016-6469,https://securityvulnerability.io/vulnerability/CVE-2016-6469,,"A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known Affected Releases: 9.0.1-162 9.1.1-074. Known Fixed Releases: 10.1.0-129 9.1.2-010.",Cisco,Cisco Web Security Appliance (wsa),7.5,HIGH,0.000859999970998615,false,false,false,false,,false,false,2016-12-14T00:37:00.000Z,0