Cisco Cisco Web Security Appliance (Wsa)
24 CVEs affecting Cisco Cisco Web Security Appliance (Wsa). Latest disclosed: 2023-06-28. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-15956 | High | 8.8 | 2019-11-26 | A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker… |
CVE-2021-34698 | High | 8.6 | 2021-10-06 | A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system… |
CVE-2019-1886 | High | 8.6 | 2019-07-04 | A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of serv… |
CVE-2019-1817 | High | 8.6 | 2019-05-03 | A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to ca… |
CVE-2019-1884 | High | 7.7 | 2019-07-04 | A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker t… |
CVE-2021-1566 | High | 7.4 | 2021-06-16 | A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco We… |
CVE-2021-1359 | Medium | 6.3 | 2021-07-08 | A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perfor… |
CVE-2019-15969 | Medium | 6.1 | 2020-09-23 | A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-si… |
CVE-2022-20784 | Medium | 5.8 | 2022-04-06 | A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated… |
CVE-2021-34749 | Medium | 5.8 | 2021-08-18 | A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snor… |
CVE-2019-1672 | Medium | 5.8 | 2019-02-08 | A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker… |
CVE-2023-20120 | Medium | 5.4 | 2023-06-28 | Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, fo… |
CVE-2023-20028 | Medium | 5.4 | 2023-06-28 | Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, fo… |
CVE-2022-20781 | Medium | 5.4 | 2022-04-06 | A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote att… |
CVE-2022-20675 | Medium | 5.3 | 2022-04-06 | A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, former… |
CVE-2021-1129 | Medium | 5.3 | 2021-01-20 | A vulnerability in the authentication for the general purpose APIs implementation of Cisco Email Security Appliance (ESA), Cisco Content Security Management Ap… |
CVE-2020-3367 | Medium | 5.3 | 2020-11-18 | A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenti… |
CVE-2020-3164 | Medium | 5.3 | 2020-03-04 | A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco… |
CVE-2019-1816 | Medium | 5.3 | 2019-05-03 | A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command inj… |
CVE-2021-1271 | Medium | 4.8 | 2021-01-20 | A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to… |