Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

asyncos

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

54
Related CVEsRelated VendorsRelated AssignersReports
54Vulnerabilities found
CVE-2015-0605
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.58% / 67.99%
||
7 Day CHG~0.00%
Published-07 Feb, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 and earlier allows remote attackers to bypass intended content restrictions via a crafted e-mail attachment with uuencode encoding, aka Bug ID CSCzv54343.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_appliance_firmwareasyncosn/a
CVE-2015-0577
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.33% / 55.24%
||
7 Day CHG~0.00%
Published-14 Jan, 2015 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Cisco AsyncOS, as used on the Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA), allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCus22925 and CSCup08113.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asyncosn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-3381
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-5||MEDIUM
EPSS-0.16% / 37.40%
||
7 Day CHG~0.00%
Published-19 Oct, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-asyncosn/a
CVE-2014-2195
Assigner-Cisco Systems, Inc.
ShareView Details
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.32% / 54.51%
||
7 Day CHG~0.00%
Published-20 May, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS on Email Security Appliance (ESA) and Content Security Management Appliance (SMA) devices, when Active Directory is enabled, does not properly handle group names, which allows remote attackers to gain role privileges by leveraging group-name similarity, aka Bug ID CSCum86085.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_appliance_firmwarecontent_security_management_applianceasyncosn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • Next