Cisco Web_security_appliance
45 CVEs affecting Cisco Web_security_appliance. Latest disclosed: 2017-08-17. Critical: 0, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-6751 | High | 7.5 | 2017-07-25 | A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic fro… |
CVE-2017-6750 | High | 7.5 | 2017-07-25 | A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privilege… |
CVE-2016-9212 | High | 7.5 | 2016-12-14 | A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an una… |
CVE-2016-6469 | High | 7.5 | 2016-12-14 | A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial o… |
CVE-2016-6372 | High | 7.5 | 2016-10-28 | A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cis… |
CVE-2016-6360 | High | 7.5 | 2016-10-28 | A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated… |
CVE-2016-6407 | High | 7.5 | 2016-09-17 | Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many H… |
CVE-2016-1405 | High | 7.5 | 2016-06-08 | libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web… |
CVE-2016-1383 | High | 7.5 | 2016-05-25 | Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via… |
CVE-2016-1382 | High | 7.5 | 2016-05-25 | Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote… |
CVE-2016-1381 | High | 7.5 | 2016-05-25 | Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (mem… |
CVE-2016-1380 | High | 7.5 | 2016-05-25 | Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a craf… |
CVE-2016-1296 | High | 7.5 | 2016-01-20 | The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended pro… |
CVE-2017-6746 | High | 7.2 | 2017-07-25 | A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and e… |
CVE-2017-6748 | Medium | 6.7 | 2017-07-25 | A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and eleva… |
CVE-2016-1411 | Medium | 5.9 | 2016-12-14 | A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco C… |
CVE-2016-6416 | Medium | 5.9 | 2016-10-05 | The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through… |
CVE-2017-3870 | Medium | 5.8 | 2017-03-17 | A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker t… |
CVE-2017-3827 | Medium | 5.8 | 2017-02-22 | A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Securit… |
CVE-2017-6749 | Medium | 5.4 | 2017-07-25 | A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored c… |