Skip to content

CVE-2014-2119

The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118.

View on NVD

Severity

N/A

EPSS

Probability of exploitation (next 30 days): 0.0137 (1.4%)
Percentile: 80.3%
EPSS: 2026-05-06

Affects

cisco:ironport_asyncoscisco:content_security_management_appliancecisco:email_security_appliance_firmware

Technical description

The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118.

Published: 3/21/2014, 1:04:02 AM
Last modified: 5/6/2026, 10:30:45 PM

References

HomeEventsBlogResourcesTeam