Skip to main content

Email Security Virtual Appliance

6 CVEs product

Monthly

CVE-2021-20025 HIGH This Week

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sonicwall Authentication Bypass Email Security Virtual Appliance
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-20023 MEDIUM KEV THREAT This Month

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sonicwall Email Security Email Security Appliance 9000 Firmware Email Security Appliance 3300 Firmware +8
NVD
CVSS 3.1
4.9
EPSS
51.4%
CVE-2021-20022 HIGH KEV THREAT This Week

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Sonicwall File Upload Email Security Email Security Appliance 9000 Firmware Email Security Appliance 3300 Firmware +8
NVD
CVSS 3.1
7.2
EPSS
16.5%
CVE-2021-20021 CRITICAL POC KEV THREAT Act Now

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Sonicwall Email Security Email Security Appliance 9000 Firmware Email Security Appliance 3300 Firmware +8
NVD
CVSS 3.1
9.8
EPSS
83.4%
CVE-2015-4217 MEDIUM This Month

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Information Disclosure Content Security Management Virtual Appliance Email Security Virtual Appliance Web Security Virtual Appliance
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2015-4216 MEDIUM This Month

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Content Security Management Virtual Appliance Email Security Virtual Appliance Web Security Virtual Appliance
NVD
CVSS 2.0
5.0
EPSS
0.9%
EPSS 0% CVSS 7.8
HIGH This Week

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sonicwall Authentication Bypass Email Security Virtual Appliance
NVD
EPSS 51% CVSS 4.9
MEDIUM KEV THREAT This Month

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sonicwall Email Security +10
NVD
EPSS 17% CVSS 7.2
HIGH KEV THREAT This Week

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Sonicwall File Upload Email Security +10
NVD
EPSS 83% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Sonicwall Email Security +10
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Information Disclosure Content Security Management Virtual Appliance +2
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Content Security Management Virtual Appliance +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy