Show filters
102 Total Results
Displaying 81-90 of 102
Sort by:
Attacker Value
Unknown
CVE-2015-4278
Disclosure Date: July 16, 2015 (last updated October 05, 2023)
Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806.
0
Attacker Value
Unknown
CVE-2015-4236
Disclosure Date: July 10, 2015 (last updated October 05, 2023)
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636.
0
Attacker Value
Unknown
CVE-2015-4217
Disclosure Date: June 26, 2015 (last updated October 05, 2023)
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.
0
Attacker Value
Unknown
CVE-2015-4216
Disclosure Date: June 26, 2015 (last updated October 05, 2023)
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.
0
Attacker Value
Unknown
CVE-2015-4184
Disclosure Date: June 13, 2015 (last updated October 05, 2023)
The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733.
0
Attacker Value
Unknown
CVE-2015-0734
Disclosure Date: May 15, 2015 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
0
Attacker Value
Unknown
CVE-2015-2768
Disclosure Date: March 27, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2015-2771
Disclosure Date: March 27, 2015 (last updated October 05, 2023)
The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.
0
Attacker Value
Unknown
CVE-2015-2748
Disclosure Date: March 26, 2015 (last updated October 05, 2023)
Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web Security incident report or the (2) Explorer configuration (websense.ini) file.
0
Attacker Value
Unknown
CVE-2015-2702
Disclosure Date: March 25, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Message Log in the Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via the sender address in an email.
0