CVE-2021-1129 – Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1129
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure. Una vulnerabilidad en la autenticación para la implementación de las API de propósito general de Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) y Cisco Web Security Appliance (WSA), podría permitir a un atacante no autenticado remoto acceder a información general del sistema y determinada información de configuración de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-RHp44vAC • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVE-2020-3137 – Cisco Email Security Appliance Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2020-3137
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because the web-based management interface of the affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or to access sensitive, browser-based information. Una vulnerabilidad en la interfaz de administración basada en web de Cisco Email Security Appliance (ESA), podría permitir a un atacante remoto no autenticado conducir a ataques de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administración basada en web de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-email-sec-xss-EbjXuXwP • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-3447 – Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-3447
A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive verbosity in certain log subscriptions. An attacker could exploit this vulnerability by accessing specific log files on an affected device. A successful exploit could allow the attacker to obtain sensitive log data, which may include user credentials. To exploit this vulnerability, the attacker would need to have valid credentials at the operator level or higher on the affected device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-log-YxQ6g2kG • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2020-3370 – Cisco Content Security Management Appliance Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3370
A vulnerability in URL filtering of Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to bypass URL filtering on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted, malicious HTTP request to an affected device. A successful exploit could allow the attacker to redirect users to malicious sites. Una vulnerabilidad en el filtrado de URL de Cisco Content Security Management Appliance (SMA) podría permitir a un atacante remoto no autenticado omitir el filtrado de URL en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-filt-39jXvMfM • CWE-20: Improper Input Validation •
CVE-2020-3164 – Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3164
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cont-sec-gui-dos-nJ625dXb • CWE-20: Improper Input Validation •