Search

Find a vulnerability

Search criteria

    42 vulnerabilities found for Cisco Secure Email by Cisco

    CVE-2025-20393 (GCVE-0-2025-20393)

    Vulnerability from nvd – Published: 2025-12-17 16:47 – Updated: 2026-02-26 16:07
    VLAI CISA KEVIntel
    Title
    Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability
    Summary
    A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Affected: 15.5.3-022
    Affected: 16.0.1-017
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Affected: 15.5.3-017
    Affected: 16.0.1-010
    Affected: 15.0.1-035
    Affected: 16.0.2-088
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20393",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-18T04:55:22.327258Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-12-17",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:07:31.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-017"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-017"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-010"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-035"
                },
                {
                  "status": "affected",
                  "version": "16.0.2-088"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.\r\n\r\nThis vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with\u0026nbsp;root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In December 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of potentially malicious activity that targets Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T16:32:03.740Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-sma-attack-N9bf4",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sma-attack-N9bf4",
            "defects": [
              "CSCws36549"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20393",
        "datePublished": "2025-12-17T16:47:13.128Z",
        "dateReserved": "2024-10-10T19:15:13.266Z",
        "dateUpdated": "2026-02-26T16:07:31.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20153 (GCVE-0-2025-20153)

    Vulnerability from nvd – Published: 2025-02-19 16:06 – Updated: 2025-02-19 16:19
    VLAI
    Title
    Cisco ESA mail Bypass
    Summary
    A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.   This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T16:19:02.308539Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T16:19:19.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. \u0026nbsp;\r\n\r\nThis vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-19T16:06:10.664Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-mailpol-bypass-5nVcJZMw",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-mailpol-bypass-5nVcJZMw"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-mailpol-bypass-5nVcJZMw",
            "defects": [
              "CSCwm82380"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ESA mail Bypass"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20153",
        "datePublished": "2025-02-19T16:06:10.664Z",
        "dateReserved": "2024-10-10T19:15:13.216Z",
        "dateUpdated": "2025-02-19T16:19:19.168Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20207 (GCVE-0-2025-20207)

    Vulnerability from nvd – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
    VLAI
    Title
    Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
    Summary
    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20207",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:57:37.294661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:57:53.809Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:15:06.012Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
            "defects": [
              "CSCwk60819"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20207",
        "datePublished": "2025-02-05T16:15:06.012Z",
        "dateReserved": "2024-10-10T19:15:13.230Z",
        "dateUpdated": "2025-02-05T16:57:53.809Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20185 (GCVE-0-2025-20185)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 16:59
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20185",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:20.922545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:59:47.445Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:38.541Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70576"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20185",
        "datePublished": "2025-02-05T16:14:38.541Z",
        "dateReserved": "2024-10-10T19:15:13.226Z",
        "dateUpdated": "2025-02-05T16:59:47.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20184 (GCVE-0-2025-20184)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:00
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials. This vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Affected: 15.5.3-022
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20184",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:57.945223Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:00:15.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:30.863Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70559"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20184",
        "datePublished": "2025-02-05T16:14:30.863Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:00:15.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20180 (GCVE-0-2025-20180)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:20
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20180",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T17:20:31.169165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:20:45.616Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:11.746Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-xss-WCk2WcuG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-xss-WCk2WcuG",
            "defects": [
              "CSCwn25954"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20180",
        "datePublished": "2025-02-05T16:14:11.746Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:20:45.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3548 (GCVE-0-2020-3548)

    Vulnerability from nvd – Published: 2024-11-18 15:53 – Updated: 2024-11-18 16:32
    VLAI
    Title
    Cisco Email Security Appliance Denial Of Service Vulnerability
    Summary
    A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient processing of incoming TLS traffic. An attacker could exploit this vulnerability by sending a series of crafted TLS packets to an affected device. A successful exploit could allow the attacker to trigger a prolonged state of high CPU utilization. The affected device would still be operative, but response time and overall performance may be degraded.There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: N/A
    Create a notification for this product.
    cisco secure_email Affected: 0 , ≤ 13.5.1-277 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "13.5.1-277",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T16:30:29.514984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T16:32:04.999Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco\u0026nbsp;AsyncOS software for Cisco\u0026nbsp;Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to inefficient processing of incoming TLS traffic. An attacker could exploit this vulnerability by sending a series of crafted TLS packets to an affected device. A successful exploit could allow the attacker to trigger a prolonged state of high CPU utilization. The affected device would still be operative, but response time and overall performance may be degraded.There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:53:40.744Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-tls-dos-xW53TBhb",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-tls-dos-xW53TBhb"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-tls-dos-xW53TBhb",
            "defects": [
              "CSCvu35999"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Email Security Appliance Denial Of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3548",
        "datePublished": "2024-11-18T15:53:40.744Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-18T16:32:04.999Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20504 (GCVE-0-2024-20504)

    Vulnerability from nvd – Published: 2024-11-06 16:29 – Updated: 2024-11-06 17:05
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:05:32.372312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T17:05:40.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:37.791Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
            "defects": [
              "CSCwj72814"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20504",
        "datePublished": "2024-11-06T16:29:37.791Z",
        "dateReserved": "2023-11-08T15:08:07.687Z",
        "dateUpdated": "2024-11-06T17:05:40.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20429 (GCVE-0-2024-20429)

    Vulnerability from nvd – Published: 2024-07-17 16:29 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary system commands on an affected device. This vulnerability is due to insufficient input validation in certain portions of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To successfully exploit this vulnerability, an attacker would need at least valid Operator credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Create a notification for this product.
    cisco secure_email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
        cpe:2.3:a:cisco:secure_email:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.3-238"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0-069"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0-131"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0-128"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0-419"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0-071"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0-087"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0-089"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0-392"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.5-007"
                  },
                  {
                    "status": "affected",
                    "version": "13.5.1-277"
                  },
                  {
                    "status": "affected",
                    "version": "13.5.4-038"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.0-066"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.4-041"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.3-041"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.0-698"
                  },
                  {
                    "status": "affected",
                    "version": "14.2.0-620"
                  },
                  {
                    "status": "affected",
                    "version": "14.2.1-020"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20429",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-18T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T03:55:39.760Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:41.996Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-priv-esc-ssti-xNO2EOGZ",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-priv-esc-ssti-xNO2EOGZ"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary system commands on an affected device.\r\n\r This vulnerability is due to insufficient input validation in certain portions of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To successfully exploit this vulnerability, an attacker would need at least valid Operator credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-17T16:29:18.884Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-priv-esc-ssti-xNO2EOGZ",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-priv-esc-ssti-xNO2EOGZ"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-priv-esc-ssti-xNO2EOGZ",
            "defects": [
              "CSCwf61949"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20429",
        "datePublished": "2024-07-17T16:29:18.884Z",
        "dateReserved": "2023-11-08T15:08:07.666Z",
        "dateUpdated": "2024-08-01T21:59:41.996Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20401 (GCVE-0-2024-20401)

    Vulnerability from nvd – Published: 2024-07-17 16:26 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device. Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-36 - Absolute Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: N/A
    Create a notification for this product.
    cisco secure_email Affected: 0 , < 15.5.1-055 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThan": "15.5.1-055",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20401",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-18T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T03:55:39.066Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.233Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-afw-bGG2UsjH",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system.\r\n\r This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.\r\n\r Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-36",
                  "description": "Absolute Path Traversal",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-17T16:26:38.305Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-afw-bGG2UsjH",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-afw-bGG2UsjH",
            "defects": [
              "CSCwj53998"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20401",
        "datePublished": "2024-07-17T16:26:38.305Z",
        "dateReserved": "2023-11-08T15:08:07.660Z",
        "dateUpdated": "2024-08-01T21:59:42.233Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20392 (GCVE-0-2024-20392)

    Vulnerability from nvd – Published: 2024-05-15 17:22 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some parameters that are passed to the web-based management API of the affected system. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to perform cross-site scripting (XSS) attacks, resulting in the execution of arbitrary script code in the browser of the targeted user, or could allow the attacker to access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20392",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T19:20:56.899213Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:31.712Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.424Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-http-split-GLrnnOwS",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-http-split-GLrnnOwS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. \r\n\r This vulnerability is due to insufficient input validation of some parameters that are passed to the web-based management API of the affected system. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to perform cross-site scripting (XSS) attacks, resulting in the execution of arbitrary script code in the browser of the targeted user, or could allow the attacker to access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-113",
                  "description": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:22:39.980Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-http-split-GLrnnOwS",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-http-split-GLrnnOwS"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-http-split-GLrnnOwS",
            "defects": [
              "CSCwh12975"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20392",
        "datePublished": "2024-05-15T17:22:39.980Z",
        "dateReserved": "2023-11-08T15:08:07.659Z",
        "dateUpdated": "2024-08-01T21:59:42.424Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20258 (GCVE-0-2024-20258)

    Vulnerability from nvd – Published: 2024-05-15 17:32 – Updated: 2024-08-01 21:52
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    cisco secure_email Affected: 11.0.3-238 , ≤ 15.5.0-048 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    cisco secure_email_and_web_manager Affected: 9.0.0-087 , ≤ 15.0.0-334 (custom)
        cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.5.0-048",
                    "status": "affected",
                    "version": "11.0.3-238",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email_and_web_manager",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.0.0-334",
                    "status": "affected",
                    "version": "9.0.0-087",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T17:18:20.336833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:25.043Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.784Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:32:16.125Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwf84882",
              "CSCwj12619",
              "CSCwf93368"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20258",
        "datePublished": "2024-05-15T17:32:16.125Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-01T21:52:31.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20257 (GCVE-0-2024-20257)

    Vulnerability from nvd – Published: 2024-05-15 17:58 – Updated: 2024-08-01 21:52
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20257",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T16:02:05.959708Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:16.569Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.675Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:58:59.579Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwf73258"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20257",
        "datePublished": "2024-05-15T17:58:59.579Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-01T21:52:31.675Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-26082 (GCVE-0-2020-26082)

    Vulnerability from nvd – Published: 2023-08-04 20:49 – Updated: 2025-07-09 13:37
    VLAI
    Summary
    A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected zip files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted zip-compressed file to an affected device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:49:06.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-zip-bypass-gbU4gtTg",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-zip-bypass-gbU4gtTg"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-26082",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-09T13:37:36.322682Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-09T13:37:52.867Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device.\r\n The vulnerability is due to improper handling of password-protected zip files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted zip-compressed file to an affected device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:04.488Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-zip-bypass-gbU4gtTg",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-zip-bypass-gbU4gtTg"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-zip-bypass-gbU4gtTg",
            "defects": [
              "CSCvv38679"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-26082",
        "datePublished": "2023-08-04T20:49:05.202Z",
        "dateReserved": "2020-09-24T00:00:00.000Z",
        "dateUpdated": "2025-07-09T13:37:52.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20075 (GCVE-0-2023-20075)

    Vulnerability from nvd – Published: 2023-02-16 15:25 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.631Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands.\r\n\r These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials.\r\n"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:41.853Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
            "defects": [
              "CSCwd50043"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20075",
        "datePublished": "2023-02-16T15:25:34.747Z",
        "dateReserved": "2022-10-27T18:47:50.329Z",
        "dateUpdated": "2024-08-02T08:57:35.631Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20009 (GCVE-0-2023-20009)

    Vulnerability from nvd – Published: 2023-02-16 15:25 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.597Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]].\r\n\r The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:30.327Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
            "defects": [
              "CSCwd29901",
              "CSCwd29905"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20009",
        "datePublished": "2023-02-16T15:25:13.820Z",
        "dateReserved": "2022-10-27T18:47:50.307Z",
        "dateUpdated": "2024-08-02T08:57:35.597Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20393 (GCVE-0-2025-20393)

    Vulnerability from cvelistv5 – Published: 2025-12-17 16:47 – Updated: 2026-02-26 16:07
    VLAI CISA KEVIntel
    Title
    Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability
    Summary
    A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with&nbsp;root privileges.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Affected: 15.5.3-022
    Affected: 16.0.1-017
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Affected: 15.5.3-017
    Affected: 16.0.1-010
    Affected: 15.0.1-035
    Affected: 16.0.2-088
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20393",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-18T04:55:22.327258Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-12-17",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:07:31.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-017"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-017"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-010"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-035"
                },
                {
                  "status": "affected",
                  "version": "16.0.2-088"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.\r\n\r\nThis vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with\u0026nbsp;root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In December 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of potentially malicious activity that targets Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T16:32:03.740Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-sma-attack-N9bf4",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sma-attack-N9bf4",
            "defects": [
              "CSCws36549"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20393",
        "datePublished": "2025-12-17T16:47:13.128Z",
        "dateReserved": "2024-10-10T19:15:13.266Z",
        "dateUpdated": "2026-02-26T16:07:31.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20153 (GCVE-0-2025-20153)

    Vulnerability from cvelistv5 – Published: 2025-02-19 16:06 – Updated: 2025-02-19 16:19
    VLAI
    Title
    Cisco ESA mail Bypass
    Summary
    A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. &nbsp; This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T16:19:02.308539Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T16:19:19.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. \u0026nbsp;\r\n\r\nThis vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-19T16:06:10.664Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-mailpol-bypass-5nVcJZMw",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-mailpol-bypass-5nVcJZMw"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-mailpol-bypass-5nVcJZMw",
            "defects": [
              "CSCwm82380"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ESA mail Bypass"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20153",
        "datePublished": "2025-02-19T16:06:10.664Z",
        "dateReserved": "2024-10-10T19:15:13.216Z",
        "dateUpdated": "2025-02-19T16:19:19.168Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20207 (GCVE-0-2025-20207)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
    VLAI
    Title
    Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
    Summary
    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20207",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:57:37.294661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:57:53.809Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:15:06.012Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
            "defects": [
              "CSCwk60819"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20207",
        "datePublished": "2025-02-05T16:15:06.012Z",
        "dateReserved": "2024-10-10T19:15:13.230Z",
        "dateUpdated": "2025-02-05T16:57:53.809Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20185 (GCVE-0-2025-20185)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 16:59
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20185",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:20.922545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:59:47.445Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:38.541Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70576"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20185",
        "datePublished": "2025-02-05T16:14:38.541Z",
        "dateReserved": "2024-10-10T19:15:13.226Z",
        "dateUpdated": "2025-02-05T16:59:47.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20184 (GCVE-0-2025-20184)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:00
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials. This vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Affected: 15.5.3-022
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20184",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:57.945223Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:00:15.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:30.863Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70559"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20184",
        "datePublished": "2025-02-05T16:14:30.863Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:00:15.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20180 (GCVE-0-2025-20180)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:20
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20180",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T17:20:31.169165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:20:45.616Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:11.746Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-xss-WCk2WcuG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-xss-WCk2WcuG",
            "defects": [
              "CSCwn25954"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20180",
        "datePublished": "2025-02-05T16:14:11.746Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:20:45.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3548 (GCVE-0-2020-3548)

    Vulnerability from cvelistv5 – Published: 2024-11-18 15:53 – Updated: 2024-11-18 16:32
    VLAI
    Title
    Cisco Email Security Appliance Denial Of Service Vulnerability
    Summary
    A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco&nbsp;AsyncOS software for Cisco&nbsp;Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient processing of incoming TLS traffic. An attacker could exploit this vulnerability by sending a series of crafted TLS packets to an affected device. A successful exploit could allow the attacker to trigger a prolonged state of high CPU utilization. The affected device would still be operative, but response time and overall performance may be degraded.There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: N/A
    Create a notification for this product.
    cisco secure_email Affected: 0 , ≤ 13.5.1-277 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "13.5.1-277",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T16:30:29.514984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T16:32:04.999Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco\u0026nbsp;AsyncOS software for Cisco\u0026nbsp;Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.\r\nThe vulnerability is due to inefficient processing of incoming TLS traffic. An attacker could exploit this vulnerability by sending a series of crafted TLS packets to an affected device. A successful exploit could allow the attacker to trigger a prolonged state of high CPU utilization. The affected device would still be operative, but response time and overall performance may be degraded.There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:53:40.744Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-tls-dos-xW53TBhb",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-tls-dos-xW53TBhb"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-tls-dos-xW53TBhb",
            "defects": [
              "CSCvu35999"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Email Security Appliance Denial Of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3548",
        "datePublished": "2024-11-18T15:53:40.744Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-18T16:32:04.999Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20504 (GCVE-0-2024-20504)

    Vulnerability from cvelistv5 – Published: 2024-11-06 16:29 – Updated: 2024-11-06 17:05
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:05:32.372312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T17:05:40.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:37.791Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
            "defects": [
              "CSCwj72814"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20504",
        "datePublished": "2024-11-06T16:29:37.791Z",
        "dateReserved": "2023-11-08T15:08:07.687Z",
        "dateUpdated": "2024-11-06T17:05:40.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20429 (GCVE-0-2024-20429)

    Vulnerability from cvelistv5 – Published: 2024-07-17 16:29 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary system commands on an affected device. This vulnerability is due to insufficient input validation in certain portions of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To successfully exploit this vulnerability, an attacker would need at least valid Operator credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Create a notification for this product.
    cisco secure_email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
        cpe:2.3:a:cisco:secure_email:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.0.3-238"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0-069"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0-131"
                  },
                  {
                    "status": "affected",
                    "version": "11.1.0-128"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.0-419"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0-071"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0-087"
                  },
                  {
                    "status": "affected",
                    "version": "12.1.0-089"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.0-392"
                  },
                  {
                    "status": "affected",
                    "version": "13.0.5-007"
                  },
                  {
                    "status": "affected",
                    "version": "13.5.1-277"
                  },
                  {
                    "status": "affected",
                    "version": "13.5.4-038"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.0-066"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.4-041"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.3-041"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.0-698"
                  },
                  {
                    "status": "affected",
                    "version": "14.2.0-620"
                  },
                  {
                    "status": "affected",
                    "version": "14.2.1-020"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20429",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-18T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T03:55:39.760Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:41.996Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-priv-esc-ssti-xNO2EOGZ",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-priv-esc-ssti-xNO2EOGZ"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary system commands on an affected device.\r\n\r This vulnerability is due to insufficient input validation in certain portions of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To successfully exploit this vulnerability, an attacker would need at least valid Operator credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-17T16:29:18.884Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-priv-esc-ssti-xNO2EOGZ",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-priv-esc-ssti-xNO2EOGZ"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-priv-esc-ssti-xNO2EOGZ",
            "defects": [
              "CSCwf61949"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20429",
        "datePublished": "2024-07-17T16:29:18.884Z",
        "dateReserved": "2023-11-08T15:08:07.666Z",
        "dateUpdated": "2024-08-01T21:59:41.996Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20401 (GCVE-0-2024-20401)

    Vulnerability from cvelistv5 – Published: 2024-07-17 16:26 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device. Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-36 - Absolute Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: N/A
    Create a notification for this product.
    cisco secure_email Affected: 0 , < 15.5.1-055 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThan": "15.5.1-055",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20401",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-18T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-19T03:55:39.066Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.233Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-afw-bGG2UsjH",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system.\r\n\r This vulnerability is due to improper handling of email attachments when file analysis and content filters are enabled. An attacker could exploit this vulnerability by sending an email that contains a crafted attachment through an affected device. A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.\r\n\r Note: Manual intervention is required to recover from the DoS condition. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-36",
                  "description": "Absolute Path Traversal",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-17T16:26:38.305Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-afw-bGG2UsjH",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-afw-bGG2UsjH",
            "defects": [
              "CSCwj53998"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20401",
        "datePublished": "2024-07-17T16:26:38.305Z",
        "dateReserved": "2023-11-08T15:08:07.660Z",
        "dateUpdated": "2024-08-01T21:59:42.233Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20257 (GCVE-0-2024-20257)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:58 – Updated: 2024-08-01 21:52
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20257",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T16:02:05.959708Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:16.569Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.675Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:58:59.579Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwf73258"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20257",
        "datePublished": "2024-05-15T17:58:59.579Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-01T21:52:31.675Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20258 (GCVE-0-2024-20258)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:32 – Updated: 2024-08-01 21:52
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    cisco secure_email Affected: 11.0.3-238 , ≤ 15.5.0-048 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    cisco secure_email_and_web_manager Affected: 9.0.0-087 , ≤ 15.0.0-334 (custom)
        cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.5.0-048",
                    "status": "affected",
                    "version": "11.0.3-238",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email_and_web_manager",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.0.0-334",
                    "status": "affected",
                    "version": "9.0.0-087",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T17:18:20.336833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:25.043Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.784Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:32:16.125Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwf84882",
              "CSCwj12619",
              "CSCwf93368"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20258",
        "datePublished": "2024-05-15T17:32:16.125Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-01T21:52:31.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20392 (GCVE-0-2024-20392)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:22 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to insufficient input validation of some parameters that are passed to the web-based management API of the affected system. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to perform cross-site scripting (XSS) attacks, resulting in the execution of arbitrary script code in the browser of the targeted user, or could allow the attacker to access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20392",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T19:20:56.899213Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:31.712Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.424Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-http-split-GLrnnOwS",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-http-split-GLrnnOwS"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. \r\n\r This vulnerability is due to insufficient input validation of some parameters that are passed to the web-based management API of the affected system. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to perform cross-site scripting (XSS) attacks, resulting in the execution of arbitrary script code in the browser of the targeted user, or could allow the attacker to access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-113",
                  "description": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:22:39.980Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-http-split-GLrnnOwS",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-http-split-GLrnnOwS"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-http-split-GLrnnOwS",
            "defects": [
              "CSCwh12975"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20392",
        "datePublished": "2024-05-15T17:22:39.980Z",
        "dateReserved": "2023-11-08T15:08:07.659Z",
        "dateUpdated": "2024-08-01T21:59:42.424Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-26082 (GCVE-0-2020-26082)

    Vulnerability from cvelistv5 – Published: 2023-08-04 20:49 – Updated: 2025-07-09 13:37
    VLAI
    Summary
    A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device. The vulnerability is due to improper handling of password-protected zip files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted zip-compressed file to an affected device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:49:06.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-zip-bypass-gbU4gtTg",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-zip-bypass-gbU4gtTg"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-26082",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-09T13:37:36.322682Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-09T13:37:52.867Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass content filters that are configured on an affected device.\r\n The vulnerability is due to improper handling of password-protected zip files. An attacker could exploit this vulnerability by sending a malicious file inside a crafted zip-compressed file to an affected device. A successful exploit could allow the attacker to bypass configured content filters that would normally drop the email."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:04.488Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-zip-bypass-gbU4gtTg",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-zip-bypass-gbU4gtTg"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-zip-bypass-gbU4gtTg",
            "defects": [
              "CSCvv38679"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-26082",
        "datePublished": "2023-08-04T20:49:05.202Z",
        "dateReserved": "2020-09-24T00:00:00.000Z",
        "dateUpdated": "2025-07-09T13:37:52.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }