Known Vulnerabilities for Email Security Appliance by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Email Security Appliance" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

More device details and information can be found at device.report here: Cisco Email Security Appliance

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-3470 json	A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data cor...	Not Provided	2026-03-31	2026-03-31
CVE-2026-3469 json	A denial-of-service (DoS) vulnerability exists due to improper input validation in the SonicWall Email Security appliance, al...	Not Provided	2026-03-31	2026-03-31
CVE-2026-3468 json	A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improp...	Not Provided	2026-03-31	2026-03-31
CVE-2023-20075 json	Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary com...	6.7 - MEDIUM	2023-03-01	2024-01-25
CVE-2023-20009 json	A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web M...	7.2 - HIGH	2023-03-01	2024-01-25
CVE-2022-20960 json	A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote atta...	7.5 - HIGH	2022-11-04	2024-01-25
CVE-2022-20798 json	A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco S...	9.8 - CRITICAL	2022-06-15	2023-11-07
CVE-2022-20772 json	A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated...	5.3 - MEDIUM	2022-11-04	2024-01-25
CVE-2022-20675 json	A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Se...	5.3 - MEDIUM	2022-04-06	2023-11-07
CVE-2022-20664 json	A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management App...	7.7 - HIGH	2022-06-15	2023-11-07

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version
Application	Cisco	Email Security Appliance	9.8.5-085
Application	Cisco	Email Security Appliance	9.7.1-hp2-207
Application	Cisco	Email Security Appliance	9.7.0-125
Hardware	Cisco	Email Security Appliance	9.7.0-125
Hardware	Cisco	Email Security Appliance	9.6.0-051
Application	Cisco	Email Security Appliance	9.6.0-051
Application	Cisco	Email Security Appliance	9.6.0-042
Application	Cisco	Email Security Appliance	9.6.0-000
Hardware	Cisco	Email Security Appliance	9.6.0-000
Hardware	Cisco	Email Security Appliance	9.5.0-201
Application	Cisco	Email Security Appliance	9.5.0-201
Application	Cisco	Email Security Appliance	9.5.0-000
Application	Cisco	Email Security Appliance	9.4.4-000
Application	Cisco	Email Security Appliance	9.4.0
Application	Cisco	Email Security Appliance	9.1.1-036
Hardware	Cisco	Email Security Appliance	9.1.1-000
Application	Cisco	Email Security Appliance	9.1.1-000
Application	Cisco	Email Security Appliance	9.1.0-101
Hardware	Cisco	Email Security Appliance	9.1.0-032
Application	Cisco	Email Security Appliance	9.1.0-032

Results limited to 20 most recent known configurations