Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), Cisco Email Security Appliance (ESA), and Cisco Content Security Management Appliance (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges.
Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
Note: This security advisory has been updated to include important information about Cisco WSA
This advisory is available at the following link: