Cisco » Email Security Appliance : Security Vulnerabilities, CVEs, (Denial of service)
Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211.
Max CVSS
6.8
EPSS Score
0.11%
Published
2015-10-02
Updated
2018-10-30
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497.
Max CVSS
6.4
EPSS Score
0.13%
Published
2015-09-14
Updated
2017-01-04
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636.
Max CVSS
4.3
EPSS Score
0.26%
Published
2015-07-10
Updated
2018-10-30
3 vulnerabilities found