Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.
2023-06-28T15:15:09.760
2024-11-21T07:40:36.147
Modified
CVSSv3.1: 5.4 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cisco | secure_email_and_web_manager | 14.0.0-418 | Yes |
| Application | cisco | secure_email_and_web_manager | 14.0.1-033 | Yes |
| Application | cisco | secure_email_and_web_manager | 14.0.1-053 | Yes |
| Application | cisco | secure_email_and_web_manager | 15.0.0-050 | Yes |
| Application | cisco | secure_email_and_web_manager | 15.0.0-256 | Yes |
| Application | cisco | secure_email_gateway | 14.0.0-418 | Yes |
| Application | cisco | secure_email_gateway | 14.0.1-033 | Yes |
| Application | cisco | secure_email_gateway | 14.0.1-053 | Yes |
| Application | cisco | secure_email_gateway | 15.0.0-050 | Yes |
| Application | cisco | secure_email_gateway | 15.0.0-256 | Yes |
| Application | cisco | web_security_appliance | 14.0.0-418 | Yes |
| Application | cisco | web_security_appliance | 14.0.1-033 | Yes |
| Application | cisco | web_security_appliance | 14.0.1-053 | Yes |
| Application | cisco | web_security_appliance | 15.0.0-050 | Yes |
| Application | cisco | web_security_appliance | 15.0.0-256 | Yes |