Cisco Cloud Email Security (CES) 13.0.0-375

CPE Details

Cisco Cloud Email Security (CES) 13.0.0-375
13.0.0-375
2020-03-04
13h50 +00:00
2020-03-04
13h50 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:cloud_email_security:13.0.0-375:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

cloud_email_security

Version

13.0.0-375

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-3164 2020-03-04 18h40 +00:00 A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded.
5.3
Medium