cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-20871,https://securityvulnerability.io/vulnerability/CVE-2022-20871,Cisco AsyncOS for Cisco Secure Web Appliance Vulnerability,"A security vulnerability in the web management interface of Cisco Secure Web Appliance could enable an authenticated remote attacker to perform command injection and escalate privileges. This issue arises from insufficient validation of user-supplied input. By authenticating to the device and sending specifically crafted HTTP packets, an attacker may gain the ability to execute arbitrary commands at the root level of the operating system. The requirement for at least read-only credentials makes this vulnerability critical for those with limited access. Cisco has issued software updates to remediate this vulnerability, while currently, no workarounds exist.",Cisco,Cisco Secure Web Appliance,6.3,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2024-11-15T15:27:14.028Z,0
CVE-2024-20435,https://securityvulnerability.io/vulnerability/CVE-2024-20435,Cisco AsyncOS for Secure Web Appliance Vulnerability: Arbitrary Command Execution and Privilege Escalation,"A vulnerability exists in the command-line interface (CLI) of Cisco AsyncOS for Secure Web Appliance, which could permit an authenticated local attacker to execute arbitrary commands and elevate privileges to root level. This issue stems from inadequate validation of user-supplied input within the CLI, allowing a malicious actor to authenticate to the system and run a specially crafted command. Successful exploitation would result in the attacker gaining the ability to execute any commands on the underlying operating system and escalate their privileges to root. 
The exploitation requires at least guest-level credentials.",Cisco,Cisco Secure Web Appliance,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-17T16:27:59.858Z,0
CVE-2024-20256,https://securityvulnerability.io/vulnerability/CVE-2024-20256,Cisco AsyncOS Software Vulnerability Could Lead to XSS Attacks,"A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Email And Web Manager",4.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-15T17:56:38.074Z,0
CVE-2023-20215,https://securityvulnerability.io/vulnerability/CVE-2023-20215,Bypass Vulnerability in Cisco Secure Web Appliance Scanning Engine,"A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance permits an unauthenticated attacker to bypass network security rules. This vulnerability arises from the improper detection of malicious traffic encoded in a specific content format. Exploiting this flaw, an attacker connects to a malicious server, receiving specially crafted HTTP responses that evade explicit block rules set on the appliance. 
The exploit allows unauthorized traffic, which should have been rejected, to penetrate the network.",Cisco,Cisco Secure Web Appliance,5.3,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2023-08-03T22:15:00.000Z,0
CVE-2023-20028,https://securityvulnerability.io/vulnerability/CVE-2023-20028,"Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities","Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.000590000010561198,false,,false,false,true,2024-10-25T16:15:12.000Z,,false,false,,2023-06-28T00:00:00.000Z,0
CVE-2023-20120,https://securityvulnerability.io/vulnerability/CVE-2023-20120,"Cisco Secure Email Gateway, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Cross-Site Scripting Vulnerabilities","Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. 
For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0007999999797903001,false,,false,false,true,2024-10-25T16:15:12.000Z,,false,false,,2023-06-28T00:00:00.000Z,0
CVE-2023-20032,https://securityvulnerability.io/vulnerability/CVE-2023-20032,Buffer Overflow Vulnerability in ClamAV Scanning Library Affecting Multiple Versions,"On February 15, 2023, a vulnerability was disclosed in the HFS+ partition file parser of ClamAV, enabling potential malicious exploitation. The flaw arises from a lack of buffer size verification, leading to the possibility of a heap buffer overflow. An attacker can exploit this vulnerability by submitting a specifically crafted HFS+ partition file for scanning. A successful attack could result in arbitrary code execution with the same privileges as the ClamAV scanning process, or it could crash the process entirely, causing a denial of service (DoS) situation. For further details, please refer to the ClamAV blog.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Endpoint,Cisco Secure Endpoint Private Cloud Administration Portal",9.8,CRITICAL,0.003470000112429261,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0
CVE-2022-20952,https://securityvulnerability.io/vulnerability/CVE-2022-20952,Bypass Vulnerability in Cisco AsyncOS Software for Cisco Secure Web Appliance,"A vulnerability within the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance allows an unauthenticated remote attacker to bypass established security rules. This occurs due to the improper detection of malformed and encoded traffic. Exploiting this vulnerability enables attackers to connect to a malicious server through an affected device, potentially receiving malformed HTTP responses that should have been blocked. 
Consequently, the attacker can bypass explicit block rules, leading to unmonitored network traffic that jeopardizes network security.",Cisco,Cisco Secure Web Appliance,5.3,MEDIUM,0.0011099999537691474,false,,false,false,true,2024-08-03T03:15:48.000Z,,false,false,,2023-03-01T08:15:00.000Z,0
CVE-2022-20942,https://securityvulnerability.io/vulnerability/CVE-2022-20942,Weak Authorization in Cisco Email Security Appliance and Web Manager,"A vulnerability present in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance arises from weak enforcement of back-end authorization checks. This enables authenticated remote attackers to send specifically crafted HTTP requests to the affected devices, leading to potential retrieval of sensitive information, including user credentials. The exploitation of this vulnerability poses significant risks as confidential data on the affected devices may be accessed without adequate authorization.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Email,Cisco Secure Email And Web Manager",6.5,MEDIUM,0.0013599999947473407,false,,false,false,true,2024-08-03T03:15:48.000Z,,false,false,,2022-11-04T18:15:00.000Z,0
CVE-2022-20868,https://securityvulnerability.io/vulnerability/CVE-2022-20868,Privilege Escalation Vulnerability in Cisco Email Security Appliance,"A vulnerability exists in the web-based management interface of Cisco’s Email Security Appliance, Secure Email and Web Manager, and Secure Web Appliance. This flaw allows an authenticated remote attacker to elevate their privileges by exploiting a hardcoded value utilized for encrypting tokens in certain API calls. By authenticating and sending a specially crafted HTTP request, the attacker can impersonate another legitimate user, executing commands with the authority of that user. 
This could pose significant risks, particularly in environments where access to sensitive information and functionalities is controlled through user privileges.",Cisco,"Cisco Secure Web Appliance,Cisco Secure Email,Cisco Secure Email And Web Manager",4.7,MEDIUM,0.005590000189840794,false,,false,false,true,2024-08-03T03:15:45.000Z,,false,false,,2022-11-04T18:15:00.000Z,0
CVE-2022-20784,https://securityvulnerability.io/vulnerability/CVE-2022-20784,Cisco Web Security Appliance Filter Bypass Vulnerability,"A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to incorrect handling of certain character combinations inserted into a URL. An attacker could exploit this vulnerability by sending crafted URLs to be processed by an affected device. A successful exploit could allow the attacker to bypass the web proxy and access web content that has been blocked by policy.",Cisco,Cisco Web Security Appliance (wsa),5.8,MEDIUM,0.001290000043809414,false,,false,false,true,2024-08-03T03:15:41.000Z,,false,false,,2022-04-06T00:00:00.000Z,0
CVE-2022-20675,https://securityvulnerability.io/vulnerability/CVE-2022-20675,Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability,"A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. 
A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0014700000174343586,false,,false,false,true,2024-08-03T03:15:36.000Z,,false,false,,2022-04-06T00:00:00.000Z,0
CVE-2022-20781,https://securityvulnerability.io/vulnerability/CVE-2022-20781,Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.",Cisco,Cisco Web Security Appliance (wsa),5.4,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-03T03:15:41.000Z,,false,false,,2022-04-06T00:00:00.000Z,0
CVE-2021-34698,https://securityvulnerability.io/vulnerability/CVE-2021-34698,Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability,"A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. 
Note: Manual intervention may be required to recover from this situation.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0015899999998509884,false,,false,false,true,2024-08-04T02:15:20.000Z,,false,false,,2021-10-06T00:00:00.000Z,0
CVE-2021-34749,https://securityvulnerability.io/vulnerability/CVE-2021-34749,Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability,"A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. This vulnerability is due to inadequate filtering of the SSL handshake. An attacker could exploit this vulnerability by using data from the SSL client hello packet to communicate with an external server. A successful exploit could allow the attacker to execute a command-and-control attack on a compromised host and perform additional data exfiltration attacks.",Cisco,Cisco Web Security Appliance (wsa),8.6,HIGH,0.0017999999690800905,false,,false,false,true,2024-08-04T02:15:22.000Z,,false,false,,2021-08-18T00:00:00.000Z,0
CVE-2021-1359,https://securityvulnerability.io/vulnerability/CVE-2021-1359,Cisco Web Security Appliance Privilege Escalation Vulnerability,"A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. 
An attacker would need a valid user account with the rights to upload configuration files to exploit this vulnerability.",Cisco,Cisco Web Security Appliance (wsa),6.3,MEDIUM,0.0010400000028312206,false,,false,false,true,2024-08-03T17:15:52.000Z,,false,false,,2021-07-08T19:15:00.000Z,0
CVE-2021-1566,https://securityvulnerability.io/vulnerability/CVE-2021-1566,Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability,"A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests.",Cisco,Cisco Web Security Appliance (wsa),7.4,HIGH,0.0014299999456852674,false,,false,false,true,2024-08-03T17:16:01.000Z,,false,false,,2021-06-16T00:00:00.000Z,0
CVE-2021-1490,https://securityvulnerability.io/vulnerability/CVE-2021-1490,Cisco Web Security Appliance Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to retrieve a crafted file that contains malicious payload and upload it to the affected device. 
A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.",Cisco,Cisco Web Security Appliance (wsa),4.7,MEDIUM,0.001509999972768128,false,,false,false,true,2024-08-03T17:15:58.000Z,,false,false,,2021-05-06T13:15:00.000Z,0
CVE-2021-1516,https://securityvulnerability.io/vulnerability/CVE-2021-1516,"Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.",Cisco,Cisco Web Security Appliance (wsa),4.3,MEDIUM,0.001500000013038516,false,,false,false,true,2024-08-03T17:15:59.000Z,,false,false,,2021-05-06T13:15:00.000Z,0
CVE-2021-1271,https://securityvulnerability.io/vulnerability/CVE-2021-1271,Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. 
An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.",Cisco,Cisco Web Security Appliance (wsa),4.8,MEDIUM,0.0006600000197067857,false,,false,false,true,2024-08-03T17:15:47.000Z,,false,false,,2021-01-20T00:00:00.000Z,0
CVE-2021-1129,https://securityvulnerability.io/vulnerability/CVE-2021-1129,"Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0013599999947473407,false,,false,false,true,2024-08-03T17:15:40.000Z,,false,false,,2021-01-20T00:00:00.000Z,0
CVE-2020-3367,https://securityvulnerability.io/vulnerability/CVE-2020-3367,Cisco Secure Web Appliance Privilege Escalation Vulnerability,"A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. 
This vulnerability is due to insufficient validation of user-supplied input for the web interface and CLI. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.",Cisco,Cisco Web Security Appliance (wsa),5.3,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:37.000Z,,false,false,,2020-11-18T00:00:00.000Z,0
CVE-2019-15969,https://securityvulnerability.io/vulnerability/CVE-2019-15969,Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability,"A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. 
A successful exploit could allow the attacker to execute arbitrary script or HTML code in the context of the interface, which could allow the attacker to gain access to sensitive, browser-based information.",Cisco,Cisco Web Security Appliance (wsa),6.1,MEDIUM,0.001509999972768128,false,,false,false,true,2024-08-05T02:15:45.000Z,,false,false,,2020-09-23T01:15:00.000Z,0
CVE-2020-3117,https://securityvulnerability.io/vulnerability/CVE-2020-3117,Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability,"A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser.",Cisco,Cisco Web Security Appliance (wsa),4.7,MEDIUM,0.0008699999889358878,false,,false,false,true,2024-08-04T08:16:25.000Z,,false,false,,2020-09-23T01:15:00.000Z,0
CVE-2020-3547,https://securityvulnerability.io/vulnerability/CVE-2020-3547,"Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability","A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because an insecure method is used to mask certain passwords on the web-based management interface. 
An attacker could exploit this vulnerability by looking at the raw HTML code that is received from the interface. A successful exploit could allow the attacker to obtain some of the passwords configured throughout the interface.",Cisco,Cisco Web Security Appliance (wsa),4.3,MEDIUM,0.001500000013038516,false,,false,false,true,2024-08-04T08:16:45.000Z,,false,false,,2020-09-04T03:15:00.000Z,0