CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-20675 – Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20675
06 Apr 2022 — A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-SNMP-JLAJksWK • CWE-248: Uncaught Exception •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-20781 – Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2022-20781
06 Apr 2022 — A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interfa... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-stored-xss-XPsJghMY • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-20784 – Cisco Web Security Appliance Filter Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-20784
06 Apr 2022 — A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to incorrect handling of certain character combinations inserted into a URL. An attacker could exploit this vulnerability by sending crafted URLs to be processed by an affected device. A successful exploit could allo... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-filter-bypass-XXXTU3X • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 10EXPL: 0CVE-2021-34698 – Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34698
06 Oct 2021 — A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause t... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-dos-fmHdKswk • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 0CVE-2021-34749 – Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability
https://notcve.org/view.php?id=CVE-2021-34749
18 Aug 2021 — A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. This vulnerability is due to inadequate filtering of the SSL handshake. An attacker could exploit this vulnerability by using data from the SSL client hello packet to communicate with an e... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-1359 – Cisco Web Security Appliance Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1359
08 Jul 2021 — A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied XML input for the web interface. An attacker could exploit this vulnerability by uploading crafted XML configuration files that contain scripting code to a vulnerable device. A successful exploit could allow the attacker to execute... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scr-web-priv-esc-k3HCGJZ • CWE-112: Missing XML Validation •
CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0CVE-2021-1566 – Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1566
16 Jun 2021 — A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet t... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW • CWE-295: Improper Certificate Validation CWE-296: Improper Following of a Certificate's Chain of Trust •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1516 – Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1516
06 May 2021 — A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at t... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-gY2AEz2H • CWE-540: Inclusion of Sensitive Information in Source Code •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-1490 – Cisco Web Security Appliance Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2021-1490
06 May 2021 — A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to retrieve a crafted file that contains malicious payload and upload it to... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-mVjOWchB • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-1271 – Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2021-1271
20 Jan 2021 — A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A suc... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •