Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-0276
Vulnerability from csaf_certbund
Published
2025-02-05 23:00
Modified
2025-02-05 23:00
Summary
Cisco AsyncOS, Secure Email Gateway und Secure Web Appliance: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cisco AsyncOS ist ein Betriebssystem für Cisco Appliances.
Das Cisco Secure Email Gateway ist eine Sicherheitslösung zum Schutz der E-Mail Kommunikation.
Cisco Secure Web Appliance (ehem. Cisco Web Security) bietet einen on-premise Web Proxy mit Schutz vor vielen Bedrohungen.
Angriff
Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Cisco AsyncOS, Cisco Secure Email Gateway und Cisco Secure Web Appliance ausnutzen, um beliebigen Code mit Administratorrechten auszuführen, Root-Rechte zu erlangen, vertrauliche Informationen preiszugeben, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- CISCO Appliance
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Cisco AsyncOS ist ein Betriebssystem f\u00fcr Cisco Appliances.\r\nDas Cisco Secure Email Gateway ist eine Sicherheitsl\u00f6sung zum Schutz der E-Mail Kommunikation.\r\nCisco Secure Web Appliance (ehem. Cisco Web Security) bietet einen on-premise Web Proxy mit Schutz vor vielen Bedrohungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Cisco AsyncOS, Cisco Secure Email Gateway und Cisco Secure Web Appliance ausnutzen, um beliebigen Code mit Administratorrechten auszuf\u00fchren, Root-Rechte zu erlangen, vertrauliche Informationen preiszugeben, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- CISCO Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0276 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0276.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0276 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0276"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-esa-sma-wsa-multi-yKUJhS34 vom 2025-02-05",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX vom 2025-02-05",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-esa-sma-xss-WCk2WcuG vom 2025-02-05",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-swa-range-bypass-2BsEHYSu vom 2025-02-05",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu"
}
],
"source_lang": "en-US",
"title": "Cisco AsyncOS, Secure Email Gateway und Secure Web Appliance: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-05T23:00:00.000+00:00",
"generator": {
"date": "2025-02-06T10:05:04.286+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0276",
"initial_release_date": "2025-02-05T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-05T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Email and Web Manager \u003c15.5.3-017",
"product": {
"name": "Cisco AsyncOS Email and Web Manager \u003c15.5.3-017",
"product_id": "T040826"
}
},
{
"category": "product_version",
"name": "Email and Web Manager 15.5.3-017",
"product": {
"name": "Cisco AsyncOS Email and Web Manager 15.5.3-017",
"product_id": "T040826-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:email_and_web_manager__15.5.3-017"
}
}
},
{
"category": "product_version_range",
"name": "Email and Web Manager \u003c16.0.1-010",
"product": {
"name": "Cisco AsyncOS Email and Web Manager \u003c16.0.1-010",
"product_id": "T040827"
}
},
{
"category": "product_version",
"name": "Email and Web Manager 16.0.1-010",
"product": {
"name": "Cisco AsyncOS Email and Web Manager 16.0.1-010",
"product_id": "T040827-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:email_and_web_manager__16.0.1-010"
}
}
},
{
"category": "product_version_range",
"name": "Email Gateway \u003c15.5.3-022",
"product": {
"name": "Cisco AsyncOS Email Gateway \u003c15.5.3-022",
"product_id": "T040828"
}
},
{
"category": "product_version",
"name": "Email Gateway 15.5.3-022",
"product": {
"name": "Cisco AsyncOS Email Gateway 15.5.3-022",
"product_id": "T040828-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:email_gateway__15.5.3-022"
}
}
},
{
"category": "product_version_range",
"name": "Email Gateway \u003c16.0.1-017",
"product": {
"name": "Cisco AsyncOS Email Gateway \u003c16.0.1-017",
"product_id": "T040829"
}
},
{
"category": "product_version",
"name": "Email Gateway 16.0.1-017",
"product": {
"name": "Cisco AsyncOS Email Gateway 16.0.1-017",
"product_id": "T040829-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:email_gateway__16.0.1-017"
}
}
},
{
"category": "product_version_range",
"name": "Web Appliance \u003c15.2.2-009",
"product": {
"name": "Cisco AsyncOS Web Appliance \u003c15.2.2-009",
"product_id": "T040830"
}
},
{
"category": "product_version",
"name": "Web Appliance 15.2.2-009",
"product": {
"name": "Cisco AsyncOS Web Appliance 15.2.2-009",
"product_id": "T040830-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:web_appliance__15.2.2-009"
}
}
},
{
"category": "product_version_range",
"name": "Web Appliance \u003c15.0.1-004",
"product": {
"name": "Cisco AsyncOS Web Appliance \u003c15.0.1-004",
"product_id": "T040837"
}
},
{
"category": "product_version",
"name": "Web Appliance 15.0.1-004",
"product": {
"name": "Cisco AsyncOS Web Appliance 15.0.1-004",
"product_id": "T040837-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:web_appliance__15.0.1-004"
}
}
},
{
"category": "product_version_range",
"name": "Web Appliance \u003c15.2.1-011",
"product": {
"name": "Cisco AsyncOS Web Appliance \u003c15.2.1-011",
"product_id": "T040838"
}
},
{
"category": "product_version",
"name": "Web Appliance 15.2.1-011",
"product": {
"name": "Cisco AsyncOS Web Appliance 15.2.1-011",
"product_id": "T040838-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:asyncos:web_appliance__15.2.1-011"
}
}
}
],
"category": "product_name",
"name": "AsyncOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.0.3-002",
"product": {
"name": "Cisco Secure Email Gateway \u003c15.0.3-002",
"product_id": "T040832"
}
},
{
"category": "product_version",
"name": "15.0.3-002",
"product": {
"name": "Cisco Secure Email Gateway 15.0.3-002",
"product_id": "T040832-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_email_gateway:15.0.3-002"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.5.2-018",
"product": {
"name": "Cisco Secure Email Gateway \u003c15.5.2-018",
"product_id": "T040833"
}
},
{
"category": "product_version",
"name": "15.5.2-018",
"product": {
"name": "Cisco Secure Email Gateway 15.5.2-018",
"product_id": "T040833-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_email_gateway:15.5.2-018"
}
}
},
{
"category": "product_version_range",
"name": "\u003c16.0.0-050",
"product": {
"name": "Cisco Secure Email Gateway \u003c16.0.0-050",
"product_id": "T040834"
}
},
{
"category": "product_version",
"name": "16.0.0-050",
"product": {
"name": "Cisco Secure Email Gateway 16.0.0-050",
"product_id": "T040834-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_email_gateway:16.0.0-050"
}
}
}
],
"category": "product_name",
"name": "Secure Email Gateway"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.0.1-004",
"product": {
"name": "Cisco Secure Web Appliance \u003c15.0.1-004",
"product_id": "T040835"
}
},
{
"category": "product_version",
"name": "15.0.1-004",
"product": {
"name": "Cisco Secure Web Appliance 15.0.1-004",
"product_id": "T040835-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_web_appliance:15.0.1-004"
}
}
},
{
"category": "product_version_range",
"name": "\u003c15.2.1-010",
"product": {
"name": "Cisco Secure Web Appliance \u003c15.2.1-010",
"product_id": "T040836"
}
},
{
"category": "product_version",
"name": "15.2.1-010",
"product": {
"name": "Cisco Secure Web Appliance 15.2.1-010",
"product_id": "T040836-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:secure_web_appliance:15.2.1-010"
}
}
}
],
"category": "product_name",
"name": "Secure Web Appliance"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20184",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die unzureichende Validierung von XML-Konfigurationsdateien erm\u00f6glicht die Einspeisung von Befehlen durch das Hochladen einer manipulierten XML-Konfigurationsdatei. Ein entfernter, authentisierter Angreifer mit administrativen Anmeldedaten kann diese Schwachstelle ausnutzen, um Befehle mit Root-Rechten in das zugrunde liegende Betriebssystem einzuschleusen."
}
],
"product_status": {
"known_affected": [
"T040829",
"T040828",
"T040834",
"T040832",
"T040830"
]
},
"release_date": "2025-02-05T23:00:00.000+00:00",
"title": "CVE-2025-20184"
},
{
"cve": "CVE-2025-20185",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Email and Web Manager, Cisco Secure Email Gateway und Cisco Secure Web Appliance. Aufgrund eines Architekturfehlers im Algorithmus zur Generierung von Passw\u00f6rtern f\u00fcr die Fernzugriffsfunktionalit\u00e4t kann ein tempor\u00e4res Passwort f\u00fcr das Dienstkonto generiert werden. Ein entfernter, authentisierter Angreifer mit administrativen Berechtigungen kann diese Schwachstelle ausnutzen, um Root-Rechte zu erlangen, beliebige Befehle als Root auszuf\u00fchren und Zugriff auf das zugrunde liegende Betriebssystem zu erhalten."
}
],
"product_status": {
"known_affected": [
"T040829",
"T040828",
"T040838",
"T040827",
"T040837",
"T040826",
"T040836",
"T040835",
"T040834",
"T040833",
"T040832",
"T040830"
]
},
"release_date": "2025-02-05T23:00:00.000+00:00",
"title": "CVE-2025-20185"
},
{
"cve": "CVE-2025-20180",
"notes": [
{
"category": "description",
"text": "In der Cisco AsyncOS Software f\u00fcr Cisco Secure Email and Web Manager und Secure Email Gateway wurde eine Cross-Site Scripting Schwachstelle entdeckt. Dieses Problem wird durch eine unsachgem\u00e4\u00dfe Filterung der vom Benutzer eingegebenen Daten in der webbasierten Verwaltungsschnittstelle verursacht, bevor die Eingaben angezeigt werden. Ein entfernter, authentisierter Angreifer mit mindestens der Operator-Rolle kann diese Schwachstelle ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, bei der das Opfer einer betroffenen Schnittstelle auf einen manipulierten Link klicken muss."
}
],
"product_status": {
"known_affected": [
"T040829",
"T040828",
"T040827",
"T040826",
"T040834",
"T040833",
"T040832"
]
},
"release_date": "2025-02-05T23:00:00.000+00:00",
"title": "CVE-2025-20180"
},
{
"cve": "CVE-2025-20183",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Web Appliance. Die Schwachstelle betrifft die richtlinienbasierte Cisco Application Visibility and Control (AVC)-Implementierung aufgrund der unsachgem\u00e4\u00dfen Behandlung eines manipulierten Range Request Headers. Durch das Senden einer HTTP-Anfrage mit einem manipulierten Range-Request-Header kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um den Antiviren-Scanner zu umgehen und Malware unbemerkt auf den Endpunkt zu laden."
}
],
"product_status": {
"known_affected": [
"T040838",
"T040837",
"T040836",
"T040835"
]
},
"release_date": "2025-02-05T23:00:00.000+00:00",
"title": "CVE-2025-20183"
},
{
"cve": "CVE-2025-20207",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die Schwachstelle betrifft das Simple Network Management Protocol (SNMP) Polling, da kein ausreichender Schutz f\u00fcr vertrauliche Informationen in SNMP-Polling-Antworten vorhanden ist. Ein entfernt authentisierter Angreifer mit konfigurierten SNMP-Anmeldeinformationen kann diese Schwachstelle ausnutzen, um vertrauliche Informationen \u00fcber das zugrundeliegende Betriebssystem preiszugeben."
}
],
"product_status": {
"known_affected": [
"T040836",
"T040835",
"T040834",
"T040833",
"T040832"
]
},
"release_date": "2025-02-05T23:00:00.000+00:00",
"title": "CVE-2025-20207"
}
]
}
CVE-2025-20180 (GCVE-0-2025-20180)
Vulnerability from cvelistv5
Published
2025-02-05 16:14
Modified
2025-02-05 17:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Cisco | Cisco Secure Email |
Version: 14.0.0-698 Version: 13.5.1-277 Version: 13.0.0-392 Version: 14.2.0-620 Version: 13.0.5-007 Version: 13.5.4-038 Version: 14.2.1-020 Version: 14.3.0-032 Version: 15.0.0-104 Version: 15.0.1-030 Version: 15.5.0-048 Version: 15.5.1-055 Version: 15.5.2-018 Version: 16.0.0-050 Version: 15.0.3-002 Version: 16.0.0-054 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T17:20:31.169165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T17:20:45.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14.0.0-698"
},
{
"status": "affected",
"version": "13.5.1-277"
},
{
"status": "affected",
"version": "13.0.0-392"
},
{
"status": "affected",
"version": "14.2.0-620"
},
{
"status": "affected",
"version": "13.0.5-007"
},
{
"status": "affected",
"version": "13.5.4-038"
},
{
"status": "affected",
"version": "14.2.1-020"
},
{
"status": "affected",
"version": "14.3.0-032"
},
{
"status": "affected",
"version": "15.0.0-104"
},
{
"status": "affected",
"version": "15.0.1-030"
},
{
"status": "affected",
"version": "15.5.0-048"
},
{
"status": "affected",
"version": "15.5.1-055"
},
{
"status": "affected",
"version": "15.5.2-018"
},
{
"status": "affected",
"version": "16.0.0-050"
},
{
"status": "affected",
"version": "15.0.3-002"
},
{
"status": "affected",
"version": "16.0.0-054"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email and Web Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "13.6.2-023"
},
{
"status": "affected",
"version": "13.6.2-078"
},
{
"status": "affected",
"version": "13.0.0-249"
},
{
"status": "affected",
"version": "13.0.0-277"
},
{
"status": "affected",
"version": "13.8.1-052"
},
{
"status": "affected",
"version": "13.8.1-068"
},
{
"status": "affected",
"version": "13.8.1-074"
},
{
"status": "affected",
"version": "14.0.0-404"
},
{
"status": "affected",
"version": "12.8.1-002"
},
{
"status": "affected",
"version": "14.1.0-227"
},
{
"status": "affected",
"version": "13.6.1-201"
},
{
"status": "affected",
"version": "14.2.0-203"
},
{
"status": "affected",
"version": "14.2.0-212"
},
{
"status": "affected",
"version": "12.8.1-021"
},
{
"status": "affected",
"version": "13.8.1-108"
},
{
"status": "affected",
"version": "14.2.0-224"
},
{
"status": "affected",
"version": "14.3.0-120"
},
{
"status": "affected",
"version": "15.0.0-334"
},
{
"status": "affected",
"version": "15.5.1-024"
},
{
"status": "affected",
"version": "15.5.1-029"
},
{
"status": "affected",
"version": "15.5.2-005"
},
{
"status": "affected",
"version": "16.0.0-195"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:14:11.746Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-esa-sma-xss-WCk2WcuG",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
}
],
"source": {
"advisory": "cisco-sa-esa-sma-xss-WCk2WcuG",
"defects": [
"CSCwn25954"
],
"discovery": "INTERNAL"
},
"title": "Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20180",
"datePublished": "2025-02-05T16:14:11.746Z",
"dateReserved": "2024-10-10T19:15:13.225Z",
"dateUpdated": "2025-02-05T17:20:45.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20183 (GCVE-0-2025-20183)
Vulnerability from cvelistv5
Published
2025-02-05 16:14
Modified
2025-02-05 17:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.
The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Web Appliance |
Version: 11.8.0-453 Version: 12.5.3-002 Version: 12.0.3-007 Version: 12.0.3-005 Version: 14.1.0-032 Version: 14.1.0-047 Version: 14.1.0-041 Version: 12.0.4-002 Version: 14.0.2-012 Version: 11.8.0-414 Version: 12.0.1-268 Version: 11.8.1-023 Version: 11.8.3-021 Version: 11.8.3-018 Version: 12.5.1-011 Version: 11.8.4-004 Version: 12.5.2-007 Version: 12.5.2-011 Version: 14.5.0-498 Version: 12.5.4-005 Version: 12.5.4-011 Version: 12.0.5-011 Version: 14.0.3-014 Version: 12.5.5-004 Version: 12.5.5-005 Version: 12.5.5-008 Version: 14.0.4-005 Version: 14.5.1-008 Version: 14.5.1-016 Version: 15.0.0-355 Version: 15.0.0-322 Version: 12.5.6-008 Version: 15.1.0-287 Version: 14.5.2-011 Version: 15.2.0-116 Version: 14.0.5-007 Version: 15.2.0-164 Version: 14.5.1-510 Version: 12.0.2-012 Version: 12.0.2-004 Version: 14.5.1-607 Version: 14.5.3-033 Version: 14.5.0-673 Version: 14.5.0-537 Version: 12.0.1-334 Version: 14.0.1-503 Version: 14.0.1-053 Version: 11.8.0-429 Version: 14.0.1-040 Version: 14.0.1-014 Version: 12.5.1-043 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T17:00:32.365680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T17:00:50.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.8.0-453"
},
{
"status": "affected",
"version": "12.5.3-002"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.0.3-005"
},
{
"status": "affected",
"version": "14.1.0-032"
},
{
"status": "affected",
"version": "14.1.0-047"
},
{
"status": "affected",
"version": "14.1.0-041"
},
{
"status": "affected",
"version": "12.0.4-002"
},
{
"status": "affected",
"version": "14.0.2-012"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "11.8.4-004"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.2-011"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.4-011"
},
{
"status": "affected",
"version": "12.0.5-011"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "12.5.5-005"
},
{
"status": "affected",
"version": "12.5.5-008"
},
{
"status": "affected",
"version": "14.0.4-005"
},
{
"status": "affected",
"version": "14.5.1-008"
},
{
"status": "affected",
"version": "14.5.1-016"
},
{
"status": "affected",
"version": "15.0.0-355"
},
{
"status": "affected",
"version": "15.0.0-322"
},
{
"status": "affected",
"version": "12.5.6-008"
},
{
"status": "affected",
"version": "15.1.0-287"
},
{
"status": "affected",
"version": "14.5.2-011"
},
{
"status": "affected",
"version": "15.2.0-116"
},
{
"status": "affected",
"version": "14.0.5-007"
},
{
"status": "affected",
"version": "15.2.0-164"
},
{
"status": "affected",
"version": "14.5.1-510"
},
{
"status": "affected",
"version": "12.0.2-012"
},
{
"status": "affected",
"version": "12.0.2-004"
},
{
"status": "affected",
"version": "14.5.1-607"
},
{
"status": "affected",
"version": "14.5.3-033"
},
{
"status": "affected",
"version": "14.5.0-673"
},
{
"status": "affected",
"version": "14.5.0-537"
},
{
"status": "affected",
"version": "12.0.1-334"
},
{
"status": "affected",
"version": "14.0.1-503"
},
{
"status": "affected",
"version": "14.0.1-053"
},
{
"status": "affected",
"version": "11.8.0-429"
},
{
"status": "affected",
"version": "14.0.1-040"
},
{
"status": "affected",
"version": "14.0.1-014"
},
{
"status": "affected",
"version": "12.5.1-043"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.\u0026nbsp;\r\n\r\nThe vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:14:21.787Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-swa-range-bypass-2BsEHYSu",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu"
}
],
"source": {
"advisory": "cisco-sa-swa-range-bypass-2BsEHYSu",
"defects": [
"CSCwk58287"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Secure Web Appliance Range Request Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20183",
"datePublished": "2025-02-05T16:14:21.787Z",
"dateReserved": "2024-10-10T19:15:13.225Z",
"dateUpdated": "2025-02-05T17:00:50.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20184 (GCVE-0-2025-20184)
Vulnerability from cvelistv5
Published
2025-02-05 16:14
Modified
2025-02-05 17:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.
This vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Cisco | Cisco Secure Email |
Version: 14.0.0-698 Version: 13.5.1-277 Version: 13.0.0-392 Version: 14.2.0-620 Version: 13.0.5-007 Version: 13.5.4-038 Version: 14.2.1-020 Version: 14.3.0-032 Version: 15.0.0-104 Version: 15.0.1-030 Version: 15.5.0-048 Version: 15.5.1-055 Version: 15.5.2-018 Version: 15.0.3-002 Version: 15.5.3-022 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T16:59:57.945223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T17:00:15.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14.0.0-698"
},
{
"status": "affected",
"version": "13.5.1-277"
},
{
"status": "affected",
"version": "13.0.0-392"
},
{
"status": "affected",
"version": "14.2.0-620"
},
{
"status": "affected",
"version": "13.0.5-007"
},
{
"status": "affected",
"version": "13.5.4-038"
},
{
"status": "affected",
"version": "14.2.1-020"
},
{
"status": "affected",
"version": "14.3.0-032"
},
{
"status": "affected",
"version": "15.0.0-104"
},
{
"status": "affected",
"version": "15.0.1-030"
},
{
"status": "affected",
"version": "15.5.0-048"
},
{
"status": "affected",
"version": "15.5.1-055"
},
{
"status": "affected",
"version": "15.5.2-018"
},
{
"status": "affected",
"version": "15.0.3-002"
},
{
"status": "affected",
"version": "15.5.3-022"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.8.0-453"
},
{
"status": "affected",
"version": "12.5.3-002"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.0.3-005"
},
{
"status": "affected",
"version": "14.1.0-032"
},
{
"status": "affected",
"version": "14.1.0-047"
},
{
"status": "affected",
"version": "14.1.0-041"
},
{
"status": "affected",
"version": "12.0.4-002"
},
{
"status": "affected",
"version": "14.0.2-012"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "11.8.4-004"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.2-011"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.4-011"
},
{
"status": "affected",
"version": "12.0.5-011"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "12.5.5-005"
},
{
"status": "affected",
"version": "12.5.5-008"
},
{
"status": "affected",
"version": "14.0.4-005"
},
{
"status": "affected",
"version": "14.5.1-008"
},
{
"status": "affected",
"version": "14.5.1-016"
},
{
"status": "affected",
"version": "15.0.0-355"
},
{
"status": "affected",
"version": "15.0.0-322"
},
{
"status": "affected",
"version": "12.5.6-008"
},
{
"status": "affected",
"version": "15.1.0-287"
},
{
"status": "affected",
"version": "14.5.2-011"
},
{
"status": "affected",
"version": "15.2.0-116"
},
{
"status": "affected",
"version": "14.0.5-007"
},
{
"status": "affected",
"version": "15.2.0-164"
},
{
"status": "affected",
"version": "14.5.1-510"
},
{
"status": "affected",
"version": "12.0.2-012"
},
{
"status": "affected",
"version": "12.0.2-004"
},
{
"status": "affected",
"version": "14.5.1-607"
},
{
"status": "affected",
"version": "14.5.3-033"
},
{
"status": "affected",
"version": "15.0.1-004"
},
{
"status": "affected",
"version": "15.2.1-011"
},
{
"status": "affected",
"version": "14.5.0-673"
},
{
"status": "affected",
"version": "14.5.0-537"
},
{
"status": "affected",
"version": "12.0.1-334"
},
{
"status": "affected",
"version": "14.0.1-503"
},
{
"status": "affected",
"version": "14.0.1-053"
},
{
"status": "affected",
"version": "11.8.0-429"
},
{
"status": "affected",
"version": "14.0.1-040"
},
{
"status": "affected",
"version": "14.0.1-014"
},
{
"status": "affected",
"version": "12.5.1-043"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:14:30.863Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
}
],
"source": {
"advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
"defects": [
"CSCwk70559"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20184",
"datePublished": "2025-02-05T16:14:30.863Z",
"dateReserved": "2024-10-10T19:15:13.225Z",
"dateUpdated": "2025-02-05T17:00:15.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20207 (GCVE-0-2025-20207)
Vulnerability from cvelistv5
Published
2025-02-05 16:15
Modified
2025-02-05 16:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.
This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Cisco | Cisco Secure Email |
Version: 14.0.0-698 Version: 13.5.1-277 Version: 13.0.0-392 Version: 14.2.0-620 Version: 13.0.5-007 Version: 13.5.4-038 Version: 14.2.1-020 Version: 14.3.0-032 Version: 15.0.0-104 Version: 15.0.1-030 Version: 15.5.0-048 Version: 15.5.1-055 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T16:57:37.294661Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:57:53.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14.0.0-698"
},
{
"status": "affected",
"version": "13.5.1-277"
},
{
"status": "affected",
"version": "13.0.0-392"
},
{
"status": "affected",
"version": "14.2.0-620"
},
{
"status": "affected",
"version": "13.0.5-007"
},
{
"status": "affected",
"version": "13.5.4-038"
},
{
"status": "affected",
"version": "14.2.1-020"
},
{
"status": "affected",
"version": "14.3.0-032"
},
{
"status": "affected",
"version": "15.0.0-104"
},
{
"status": "affected",
"version": "15.0.1-030"
},
{
"status": "affected",
"version": "15.5.0-048"
},
{
"status": "affected",
"version": "15.5.1-055"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email and Web Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "13.6.2-023"
},
{
"status": "affected",
"version": "13.6.2-078"
},
{
"status": "affected",
"version": "13.0.0-249"
},
{
"status": "affected",
"version": "13.0.0-277"
},
{
"status": "affected",
"version": "13.8.1-052"
},
{
"status": "affected",
"version": "13.8.1-068"
},
{
"status": "affected",
"version": "13.8.1-074"
},
{
"status": "affected",
"version": "14.0.0-404"
},
{
"status": "affected",
"version": "12.8.1-002"
},
{
"status": "affected",
"version": "14.1.0-227"
},
{
"status": "affected",
"version": "13.6.1-201"
},
{
"status": "affected",
"version": "14.2.0-203"
},
{
"status": "affected",
"version": "14.2.0-212"
},
{
"status": "affected",
"version": "12.8.1-021"
},
{
"status": "affected",
"version": "13.8.1-108"
},
{
"status": "affected",
"version": "14.2.0-224"
},
{
"status": "affected",
"version": "14.3.0-120"
},
{
"status": "affected",
"version": "15.0.0-334"
},
{
"status": "affected",
"version": "15.5.1-024"
},
{
"status": "affected",
"version": "15.5.1-029"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.8.0-453"
},
{
"status": "affected",
"version": "12.5.3-002"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.0.3-005"
},
{
"status": "affected",
"version": "14.1.0-032"
},
{
"status": "affected",
"version": "14.1.0-047"
},
{
"status": "affected",
"version": "14.1.0-041"
},
{
"status": "affected",
"version": "12.0.4-002"
},
{
"status": "affected",
"version": "14.0.2-012"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "11.8.4-004"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.2-011"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.4-011"
},
{
"status": "affected",
"version": "12.0.5-011"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "12.5.5-005"
},
{
"status": "affected",
"version": "12.5.5-008"
},
{
"status": "affected",
"version": "14.0.4-005"
},
{
"status": "affected",
"version": "14.5.1-008"
},
{
"status": "affected",
"version": "14.5.1-016"
},
{
"status": "affected",
"version": "15.0.0-355"
},
{
"status": "affected",
"version": "15.0.0-322"
},
{
"status": "affected",
"version": "12.5.6-008"
},
{
"status": "affected",
"version": "15.1.0-287"
},
{
"status": "affected",
"version": "14.5.2-011"
},
{
"status": "affected",
"version": "15.2.0-116"
},
{
"status": "affected",
"version": "14.0.5-007"
},
{
"status": "affected",
"version": "15.2.0-164"
},
{
"status": "affected",
"version": "14.5.1-510"
},
{
"status": "affected",
"version": "12.0.2-012"
},
{
"status": "affected",
"version": "12.0.2-004"
},
{
"status": "affected",
"version": "14.5.1-607"
},
{
"status": "affected",
"version": "14.5.3-033"
},
{
"status": "affected",
"version": "12.0.1-334"
},
{
"status": "affected",
"version": "14.0.1-503"
},
{
"status": "affected",
"version": "14.0.1-053"
},
{
"status": "affected",
"version": "11.8.0-429"
},
{
"status": "affected",
"version": "14.0.1-040"
},
{
"status": "affected",
"version": "14.0.1-014"
},
{
"status": "affected",
"version": "12.5.1-043"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:15:06.012Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
}
],
"source": {
"advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
"defects": [
"CSCwk60819"
],
"discovery": "INTERNAL"
},
"title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20207",
"datePublished": "2025-02-05T16:15:06.012Z",
"dateReserved": "2024-10-10T19:15:13.230Z",
"dateUpdated": "2025-02-05T16:57:53.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20185 (GCVE-0-2025-20185)
Vulnerability from cvelistv5
Published
2025-02-05 16:14
Modified
2025-02-05 16:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-250 - Execution with Unnecessary Privileges
Summary
A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.
This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.
Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Cisco | Cisco Secure Email |
Version: 14.0.0-698 Version: 13.5.1-277 Version: 13.0.0-392 Version: 14.2.0-620 Version: 13.0.5-007 Version: 13.5.4-038 Version: 14.2.1-020 Version: 14.3.0-032 Version: 15.0.0-104 Version: 15.0.1-030 Version: 15.5.0-048 Version: 15.5.1-055 Version: 15.5.2-018 Version: 15.0.3-002 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T16:59:20.922545Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:59:47.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14.0.0-698"
},
{
"status": "affected",
"version": "13.5.1-277"
},
{
"status": "affected",
"version": "13.0.0-392"
},
{
"status": "affected",
"version": "14.2.0-620"
},
{
"status": "affected",
"version": "13.0.5-007"
},
{
"status": "affected",
"version": "13.5.4-038"
},
{
"status": "affected",
"version": "14.2.1-020"
},
{
"status": "affected",
"version": "14.3.0-032"
},
{
"status": "affected",
"version": "15.0.0-104"
},
{
"status": "affected",
"version": "15.0.1-030"
},
{
"status": "affected",
"version": "15.5.0-048"
},
{
"status": "affected",
"version": "15.5.1-055"
},
{
"status": "affected",
"version": "15.5.2-018"
},
{
"status": "affected",
"version": "15.0.3-002"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email and Web Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "13.6.2-023"
},
{
"status": "affected",
"version": "13.6.2-078"
},
{
"status": "affected",
"version": "13.0.0-249"
},
{
"status": "affected",
"version": "13.0.0-277"
},
{
"status": "affected",
"version": "13.8.1-052"
},
{
"status": "affected",
"version": "13.8.1-068"
},
{
"status": "affected",
"version": "13.8.1-074"
},
{
"status": "affected",
"version": "14.0.0-404"
},
{
"status": "affected",
"version": "12.8.1-002"
},
{
"status": "affected",
"version": "14.1.0-227"
},
{
"status": "affected",
"version": "13.6.1-201"
},
{
"status": "affected",
"version": "14.2.0-203"
},
{
"status": "affected",
"version": "14.2.0-212"
},
{
"status": "affected",
"version": "12.8.1-021"
},
{
"status": "affected",
"version": "13.8.1-108"
},
{
"status": "affected",
"version": "14.2.0-224"
},
{
"status": "affected",
"version": "14.3.0-120"
},
{
"status": "affected",
"version": "15.0.0-334"
},
{
"status": "affected",
"version": "15.5.1-024"
},
{
"status": "affected",
"version": "15.5.1-029"
},
{
"status": "affected",
"version": "15.5.2-005"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.8.0-453"
},
{
"status": "affected",
"version": "12.5.3-002"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.0.3-005"
},
{
"status": "affected",
"version": "14.1.0-032"
},
{
"status": "affected",
"version": "14.1.0-047"
},
{
"status": "affected",
"version": "14.1.0-041"
},
{
"status": "affected",
"version": "12.0.4-002"
},
{
"status": "affected",
"version": "14.0.2-012"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "11.8.4-004"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.2-011"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.4-011"
},
{
"status": "affected",
"version": "12.0.5-011"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "12.5.5-005"
},
{
"status": "affected",
"version": "12.5.5-008"
},
{
"status": "affected",
"version": "14.0.4-005"
},
{
"status": "affected",
"version": "14.5.1-008"
},
{
"status": "affected",
"version": "14.5.1-016"
},
{
"status": "affected",
"version": "15.0.0-355"
},
{
"status": "affected",
"version": "15.0.0-322"
},
{
"status": "affected",
"version": "12.5.6-008"
},
{
"status": "affected",
"version": "15.1.0-287"
},
{
"status": "affected",
"version": "14.5.2-011"
},
{
"status": "affected",
"version": "15.2.0-116"
},
{
"status": "affected",
"version": "14.0.5-007"
},
{
"status": "affected",
"version": "15.2.0-164"
},
{
"status": "affected",
"version": "14.5.1-510"
},
{
"status": "affected",
"version": "12.0.2-012"
},
{
"status": "affected",
"version": "12.0.2-004"
},
{
"status": "affected",
"version": "14.5.1-607"
},
{
"status": "affected",
"version": "14.5.3-033"
},
{
"status": "affected",
"version": "15.0.1-004"
},
{
"status": "affected",
"version": "15.2.1-011"
},
{
"status": "affected",
"version": "14.5.0-673"
},
{
"status": "affected",
"version": "14.5.0-537"
},
{
"status": "affected",
"version": "12.0.1-334"
},
{
"status": "affected",
"version": "14.0.1-503"
},
{
"status": "affected",
"version": "14.0.1-053"
},
{
"status": "affected",
"version": "11.8.0-429"
},
{
"status": "affected",
"version": "14.0.1-040"
},
{
"status": "affected",
"version": "14.0.1-014"
},
{
"status": "affected",
"version": "12.5.1-043"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "Execution with Unnecessary Privileges",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:14:38.541Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
}
],
"source": {
"advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
"defects": [
"CSCwk70576"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20185",
"datePublished": "2025-02-05T16:14:38.541Z",
"dateReserved": "2024-10-10T19:15:13.226Z",
"dateUpdated": "2025-02-05T16:59:47.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…