CISCO ESA

Pierluigi Paganini June 16, 2022
Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager

Cisco addressed a critical bypass authentication flaw in Cisco Email Security Appliance (ESA) and Secure Email and Web Manager. Cisco addressed a critical bypass authentication vulnerability affecting Email Security Appliance (ESA) and Secure Email and Web Manager. The flaw, tracked as CVE-2022-20798 (CVSS score 9.8), can be exploited by an unauthenticated, remote attacker to bypass […]

Pierluigi Paganini January 10, 2019
CISCO addresses DoS bugs in CISCO ESA products

Cisco addressed two DoS vulnerabilities in CISCO ESA products that can be exploited by remote unauthenticated attacker. Cisco fixed two denial-of-service (DoS) flaws in Email Security Appliance (ESA) products that can be exploited by a remote unauthenticated attacker. The first flaw tracked as CVE-2018-15453  has been rated as “critical,” it is a memory corruption bug caused […]

Pierluigi Paganini September 30, 2016
CVE-2016-6406 – CISCO reported a critical flaw in email security appliances (ESA)

Cisco issued a security advisory about a vulnerability, tracked as CVE-2016-6406, affecting the Email Security Appliance Internal Testing Interface. Cisco Systems reported the existence a vulnerability (CVE-2016-6406) in the email security appliances that could be exploited by a remote unauthenticated attacker to gain complete control of the security solution. The vulnerability is related the Cisco IronPort AsyncOS […]