Summary
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2016-09-22 |
| Product | Email Security Appliance Firmware | Last view | 2022-11-04 |
| Version | 9.1.2-036 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:cisco:email_security_appliance_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.3 | 2022-11-04 | CVE-2022-20772 | A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses. |
| 5.3 | 2019-11-26 | CVE-2019-15988 | A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input validation of URLs. An attacker could exploit this vulnerability by crafting the URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for the affected device, which could allow malicious URLs to pass through the device. |
| 4.3 | 2019-11-26 | CVE-2019-15971 | A vulnerability in the MP3 detection engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of certain MP3 file types. An attacker could exploit this vulnerability by sending a crafted MP3 file through the targeted device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email. |
| 7.5 | 2019-10-02 | CVE-2019-12706 | A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the affected software insufficiently validates certain incoming SPF messages. An attacker could exploit this vulnerability by sending a custom SPF packet to an affected device. A successful exploit could allow the attacker to bypass the configured header filters, which could allow malicious content to pass through the device. |
| 9.8 | 2016-09-22 | CVE-2016-6406 | Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (2) | CWE-20 | Improper Input Validation |
| 20% (1) | CWE-345 | Insufficient Verification of Data Authenticity |
| 20% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 20% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-09-22 | Cisco ESA internal testing interface access attempt RuleID : 40275 - Type : SERVER-WEBAPP - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-10-05 | Name: The remote security appliance is missing a vendor-supplied security patch. File: cisco-sa-20160922-esa.nasl - Type: ACT_GATHER_INFO |
