CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-1129 – Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1129
A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to access general system information and certain configuration information from an affected device. The vulnerability exists because a secure authentication token is not required when authenticating to the general purpose API. An attacker could exploit this vulnerability by sending a crafted request for information to the general purpose API on an affected device. A successful exploit could allow the attacker to obtain system and configuration information from the affected device, resulting in an unauthorized information disclosure. Una vulnerabilidad en la autenticación para la implementación de las API de propósito general de Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) y Cisco Web Security Appliance (WSA), podría permitir a un atacante no autenticado remoto acceder a información general del sistema y determinada información de configuración de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-info-RHp44vAC • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15969 – Cisco Web Security Appliance Management Interface Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2019-15969
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script or HTML code in the context of the interface, which could allow the attacker to gain access to sensitive, browser-based information. Una vulnerabilidad en la interfaz de administración basada en web del Cisco Web Security Appliance (WSA), podría permitir a un atacante no autenticado remoto conducir ataques de tipo cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wsa-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2020-3117 – Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-3117
A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL and receive a malicious HTTP response. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to a user's browser. Una vulnerabilidad en el API Framework de Cisco AsyncOS para Cisco Web Security Appliance (WSA) y Cisco Content Security Management Appliance (SMA), podría permitir a un atacante no autenticado remoto inyectar encabezados HTTP diseñados en la respuesta del servidor web. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-wsa-sma-header-inject • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-3547 – Cisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-3547
A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because an insecure method is used to mask certain passwords on the web-based management interface. An attacker could exploit this vulnerability by looking at the raw HTML code that is received from the interface. A successful exploit could allow the attacker to obtain some of the passwords configured throughout the interface. Una vulnerabilidad en la interfaz de administración basada en web en el software Cisco AsyncOS para Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA) y Cisco Web Security Appliance (WSA), podría permitir a un atacante remoto autenticado acceder a información confidencial en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-wsa-esa-info-dis-vsvPzOHP • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-3164 – Cisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3164
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cont-sec-gui-dos-nJ625dXb • CWE-20: Improper Input Validation •