cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-1561,https://securityvulnerability.io/vulnerability/CVE-2021-1561,Cisco Secure Email and Web Manager Spam Quarantine Unauthorized Access Vulnerability,"A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This vulnerability exists because access to the spam quarantine feature is not properly restricted. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to modify another user's spam quarantine settings, possibly disabling security controls or viewing email messages stored on the spam quarantine interfaces.",Cisco,Cisco Content Security Management Appliance (sma),5.4,MEDIUM,0.0009399999980814755,false,,false,false,true,2024-08-03T17:16:01.000Z,,false,false,,2021-08-18T00:00:00.000Z,0
CVE-2021-1447,https://securityvulnerability.io/vulnerability/CVE-2021-1447,Cisco Content Security Management Appliance Privilege Escalation Vulnerability,"A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges to root. This vulnerability is due to a procedural flaw in the password generation algorithm. An attacker could exploit this vulnerability by enabling specific Administrator-only features and connecting to the appliance through the CLI with elevated privileges. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. To exploit this vulnerability, the attacker must have valid Administrator credentials.",Cisco,Cisco Content Security Management Appliance (sma),6.7,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-03T17:15:56.000Z,,false,false,,2021-05-06T13:15:00.000Z,0
CVE-2020-3178,https://securityvulnerability.io/vulnerability/CVE-2020-3178,Cisco Content Security Management Appliance Open Redirect Vulnerabilities,"Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an HTTP request. An attacker could exploit these vulnerabilities by intercepting an HTTP request and modifying it to redirect a user to a specific malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious web page or to obtain sensitive browser-based information. This type of attack is commonly referred to as an open redirect attack and is used in phishing attacks to get users to unknowingly visit malicious sites.",Cisco,Cisco Content Security Management Appliance (sma),6.1,MEDIUM,0.001230000052601099,false,,false,false,true,2024-08-04T08:16:28.000Z,,false,false,,2020-05-06T00:00:00.000Z,0
CVE-2019-12635,https://securityvulnerability.io/vulnerability/CVE-2019-12635,Cisco Content Security Management Appliance Information Disclosure Vulnerability,"A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email. The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.",Cisco,Cisco Content Security Management Appliance (sma),4.3,MEDIUM,0.0007300000288523734,false,,false,false,true,2024-09-16T23:18:57.000Z,,false,false,,2019-09-05T02:15:00.000Z,0
CVE-2018-15393,https://securityvulnerability.io/vulnerability/CVE-2018-15393,Cisco Content Security Management Appliance (SMA) Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,Cisco Content Security Management Appliance (sma),4.8,MEDIUM,0.0007200000109151006,false,,false,false,true,2024-08-05T10:17:49.000Z,,false,false,,2018-11-08T17:29:00.000Z,0
CVE-2018-0140,https://securityvulnerability.io/vulnerability/CVE-2018-0140,,"A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295.",Cisco,Cisco Email Security Appliance And Cisco Content Security Management Appliance,6.5,MEDIUM,0.0015300000086426735,false,,false,false,false,,,false,false,,2018-02-08T07:00:00.000Z,0
CVE-2018-0095,https://securityvulnerability.io/vulnerability/CVE-2018-0095,,"A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a privilege level of a guest user. The vulnerability is due to an incorrect networking configuration at the administrative shell CLI. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a set of crafted, malicious commands at the administrative shell. An exploit could allow the attacker to gain root access on the device. Cisco Bug IDs: CSCvb34303, CSCvb35726.",Cisco,Cisco Email Security And Content Security Management Appliance,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-01-18T06:00:00.000Z,0
CVE-2017-6783,https://securityvulnerability.io/vulnerability/CVE-2017-6783,,"A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability. Cisco Bug IDs: CSCve26106, CSCve26202, CSCve26224. Known Affected Releases: 10.0.0-230 (Web Security Appliance), 9.7.2-065 (Email Security Appliance), and 10.1.0-037 (Content Security Management Appliance).",Cisco,"Web Security Appliance (wsa),Email Security Appliance (esa),Content Security Management Appliance (sma)",4.3,MEDIUM,0.001820000004954636,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0
CVE-2017-6661,https://securityvulnerability.io/vulnerability/CVE-2017-6661,,"A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka Message Tracking XSS. More Information: CSCvd30805 CSCvd34861. Known Affected Releases: 10.0.0-203 10.1.0-049.",Cisco,Cisco Email Security And Content Security Management Appliance,6.1,MEDIUM,0.0014299999456852674,false,,false,false,false,,,false,false,,2017-06-13T06:00:00.000Z,0
CVE-2016-6416,https://securityvulnerability.io/vulnerability/CVE-2016-6416,,"The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz86065.",Cisco,"Email Security Appliance,Web Security Appliance,Content Security Management Appliance",5.9,MEDIUM,0.009399999864399433,false,,false,false,false,,,false,false,,2016-10-05T17:00:00.000Z,0
CVE-2015-6288,https://securityvulnerability.io/vulnerability/CVE-2015-6288,,"Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application fault) via crafted HTTP requests, aka Bug ID CSCuw09620.",Cisco,Content Security Management Appliance,,,0.0006399999838322401,false,,false,false,false,,,false,false,,2015-09-14T01:00:00.000Z,0
CVE-2015-4322,https://securityvulnerability.io/vulnerability/CVE-2015-4322,,"Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly restricts the privileges available after LDAP authentication, which allows remote authenticated users to read or write to an arbitrary user's Spam Quarantine folder by visiting a spam-notification URL, aka Bug ID CSCuv65894.",Cisco,Content Security Management Appliance,,,0.0012199999764561653,false,,false,false,false,,,false,false,,2015-08-19T15:00:00.000Z,0
CVE-2015-4216,https://securityvulnerability.io/vulnerability/CVE-2015-4216,,"The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.",Cisco,"Email Security Virtual Appliance,Content Security Management Virtual Appliance,Web Security Virtual Appliance",,,0.00203000009059906,false,,false,false,false,,,false,false,,2015-06-26T10:00:00.000Z,0
CVE-2015-4217,https://securityvulnerability.io/vulnerability/CVE-2015-4217,,"The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.",Cisco,"Email Security Virtual Appliance,Content Security Management Virtual Appliance,Web Security Virtual Appliance",,,0.003019999945536256,false,,false,false,false,,,false,false,,2015-06-26T10:00:00.000Z,0
CVE-2015-0624,https://securityvulnerability.io/vulnerability/CVE-2015-0624,,"The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and CSCur89639.",Cisco,"Content Security Management Appliance,Web Security Appliance,Email Security Appliance Firmware",,,0.0029100000392645597,false,,false,false,false,,,false,false,,2015-02-21T11:00:00.000Z,0
CVE-2014-2195,https://securityvulnerability.io/vulnerability/CVE-2014-2195,,"Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.",Cisco,"Asyncos,Content Security Management Appliance,Email Security Appliance Firmware",,,0.0016400000313296914,false,,false,false,false,,,false,false,,2014-05-20T10:00:00.000Z,0
CVE-2014-2119,https://securityvulnerability.io/vulnerability/CVE-2014-2119,,"The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118.",Cisco,"Ironport Asyncos,Content Security Management Appliance",,,0.0019399999873712659,false,,false,false,false,,,false,false,,2014-03-21T01:04:00.000Z,0
CVE-2013-3395,https://securityvulnerability.io/vulnerability/CVE-2013-3395,,"Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634.",Cisco,"Content Security Management Appliance,Web Security Appliance,Email Security Appliance Firmware",,,0.0009399999980814755,false,,false,false,false,,,false,false,,2013-07-02T03:43:00.000Z,0
CVE-2013-3396,https://securityvulnerability.io/vulnerability/CVE-2013-3396,,"Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management on Security Management Appliance (SMA) devices allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh24749.",Cisco,Content Security Management Appliance,,,0.0013200000394135714,false,,false,false,false,,,false,false,,2013-06-26T21:00:00.000Z,0