Cisco - Email Security Appliance CVE

Filtered by vendor Cisco Subscribe

Filtered by product Email Security Appliance

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 51 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-4288	1 Cisco	3 Content Security Management Appliance, Email Security Appliance, Web Security Appliance	2015-07-29	4.3 MEDIUM	N/A
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCuo29561, CSCuv40466, and CSCuv40470.

Vulnerabilities (CVE)