Search

Find a vulnerability

Search criteria

    32 vulnerabilities found for Cisco Secure Email and Web Manager by Cisco

    CVE-2025-20393 (GCVE-0-2025-20393)

    Vulnerability from nvd – Published: 2025-12-17 16:47 – Updated: 2026-02-26 16:07
    VLAI CISA KEVIntel
    Title
    Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability
    Summary
    A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Affected: 15.5.3-022
    Affected: 16.0.1-017
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Affected: 15.5.3-017
    Affected: 16.0.1-010
    Affected: 15.0.1-035
    Affected: 16.0.2-088
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20393",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-18T04:55:22.327258Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-12-17",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:07:31.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-017"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-017"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-010"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-035"
                },
                {
                  "status": "affected",
                  "version": "16.0.2-088"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.\r\n\r\nThis vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with\u0026nbsp;root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In December 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of potentially malicious activity that targets Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T16:32:03.740Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-sma-attack-N9bf4",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sma-attack-N9bf4",
            "defects": [
              "CSCws36549"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20393",
        "datePublished": "2025-12-17T16:47:13.128Z",
        "dateReserved": "2024-10-10T19:15:13.266Z",
        "dateUpdated": "2026-02-26T16:07:31.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-3122 (GCVE-0-2020-3122)

    Vulnerability from nvd – Published: 2025-03-04 18:22 – Updated: 2025-03-04 18:27
    VLAI
    Title
    Cisco Content Security Management Appliance Information Disclosure Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3122",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-04T18:26:53.334394Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-04T18:27:11.025Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IronPort Security Management Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0(Ritz)-128"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              },
              "format": "cvssV3_0"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-04T18:22:12.411Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "CSCvr92383",
              "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr92383"
            }
          ],
          "source": {
            "advisory": "",
            "defects": [
              "CSCvr92383"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Content Security Management Appliance Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3122",
        "datePublished": "2025-03-04T18:22:12.411Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2025-03-04T18:27:11.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20207 (GCVE-0-2025-20207)

    Vulnerability from nvd – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
    VLAI
    Title
    Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
    Summary
    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20207",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:57:37.294661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:57:53.809Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:15:06.012Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
            "defects": [
              "CSCwk60819"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20207",
        "datePublished": "2025-02-05T16:15:06.012Z",
        "dateReserved": "2024-10-10T19:15:13.230Z",
        "dateUpdated": "2025-02-05T16:57:53.809Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20185 (GCVE-0-2025-20185)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 16:59
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20185",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:20.922545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:59:47.445Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:38.541Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70576"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20185",
        "datePublished": "2025-02-05T16:14:38.541Z",
        "dateReserved": "2024-10-10T19:15:13.226Z",
        "dateUpdated": "2025-02-05T16:59:47.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20180 (GCVE-0-2025-20180)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:20
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20180",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T17:20:31.169165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:20:45.616Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:11.746Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-xss-WCk2WcuG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-xss-WCk2WcuG",
            "defects": [
              "CSCwn25954"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20180",
        "datePublished": "2025-02-05T16:14:11.746Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:20:45.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1425 (GCVE-0-2021-1425)

    Vulnerability from nvd – Published: 2024-11-18 15:36 – Updated: 2024-11-18 15:58
    VLAI
    Title
    Cisco Cisco Email Security Appliance and Content Security Management Appliance Information Disclosure Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Exposure of Sensitive Information Through Sent Data
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1425",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T15:58:03.148324Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T15:58:19.973Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;AsyncOS Software for Cisco\u0026nbsp;Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.\r\nThe vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "Exposure of Sensitive Information Through Sent Data",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:36:48.271Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-info-disclo-VOu2GHbZ",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-info-disclo-VOu2GHbZ",
            "defects": [
              "CSCvw39308"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Cisco Email Security Appliance and  Content Security Management Appliance Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1425",
        "datePublished": "2024-11-18T15:36:48.271Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-18T15:58:19.973Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20504 (GCVE-0-2024-20504)

    Vulnerability from nvd – Published: 2024-11-06 16:29 – Updated: 2024-11-06 17:05
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:05:32.372312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T17:05:40.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:37.791Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
            "defects": [
              "CSCwj72814"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20504",
        "datePublished": "2024-11-06T16:29:37.791Z",
        "dateReserved": "2023-11-08T15:08:07.687Z",
        "dateUpdated": "2024-11-06T17:05:40.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20383 (GCVE-0-2024-20383)

    Vulnerability from nvd – Published: 2024-05-15 17:59 – Updated: 2025-08-08 12:36
    VLAI
    Title
    Cisco Secure Email and Web Manager Stored Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-078
    Affected: 13.0.0-277
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20383",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T18:50:56.053580Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:43.042Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-08T12:36:42.359Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwi59618"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager Stored Cross-Site Scripting Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20383",
        "datePublished": "2024-05-15T17:59:49.921Z",
        "dateReserved": "2023-11-08T15:08:07.658Z",
        "dateUpdated": "2025-08-08T12:36:42.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20258 (GCVE-0-2024-20258)

    Vulnerability from nvd – Published: 2024-05-15 17:32 – Updated: 2024-08-01 21:52
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    cisco secure_email Affected: 11.0.3-238 , ≤ 15.5.0-048 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    cisco secure_email_and_web_manager Affected: 9.0.0-087 , ≤ 15.0.0-334 (custom)
        cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.5.0-048",
                    "status": "affected",
                    "version": "11.0.3-238",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email_and_web_manager",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.0.0-334",
                    "status": "affected",
                    "version": "9.0.0-087",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T17:18:20.336833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:25.043Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.784Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:32:16.125Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwf84882",
              "CSCwj12619",
              "CSCwf93368"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20258",
        "datePublished": "2024-05-15T17:32:16.125Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-01T21:52:31.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20256 (GCVE-0-2024-20256)

    Vulnerability from nvd – Published: 2024-05-15 17:56 – Updated: 2024-08-15 15:29
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Affected: 15.0.0-322
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20256",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T18:47:15.332751Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T15:29:20.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\rThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:56:38.074Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwe88788",
              "CSCwe91887"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20256",
        "datePublished": "2024-05-15T17:56:38.074Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-15T15:29:20.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20119 (GCVE-0-2023-20119)

    Vulnerability from nvd – Published: 2023-06-28 00:00 – Updated: 2024-11-21 21:41
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:36.063Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-30T15:42:48.824595Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-21T21:41:13.822Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:47.107Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
            "defects": [
              "CSCwe12624"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20119",
        "datePublished": "2023-06-28T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-11-21T21:41:13.822Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20009 (GCVE-0-2023-20009)

    Vulnerability from nvd – Published: 2023-02-16 15:25 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.597Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]].\r\n\r The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:30.327Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
            "defects": [
              "CSCwd29901",
              "CSCwd29905"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20009",
        "datePublished": "2023-02-16T15:25:13.820Z",
        "dateReserved": "2022-10-27T18:47:50.307Z",
        "dateUpdated": "2024-08-02T08:57:35.597Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20942 (GCVE-0-2022-20942)

    Vulnerability from nvd – Published: 2022-11-03 19:30 – Updated: 2024-08-03 02:31
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.
    CWE
    • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.\r\n\r This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-359",
                  "description": "Exposure of Private Personal Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:18.446Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
            "defects": [
              "CSCwc43106",
              "CSCwc43102",
              "CSCwc43104"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20942",
        "datePublished": "2022-11-03T19:30:36.424Z",
        "dateReserved": "2021-11-02T13:28:29.193Z",
        "dateUpdated": "2024-08-03T02:31:59.271Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20868 (GCVE-0-2022-20868)

    Vulnerability from nvd – Published: 2022-11-03 19:29 – Updated: 2024-08-03 02:24
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 14.5.0-498
    Affected: 14.0.2-012
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:50.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. \r\n\r\nThis vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.\r\n"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:11.853Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
            "defects": [
              "CSCwc12181",
              "CSCwc12183",
              "CSCwc12184"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20868",
        "datePublished": "2022-11-03T19:29:31.722Z",
        "dateReserved": "2021-11-02T13:28:29.182Z",
        "dateUpdated": "2024-08-03T02:24:50.239Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20867 (GCVE-0-2022-20867)

    Vulnerability from nvd – Published: 2022-11-03 19:28 – Updated: 2024-11-20 14:32
    VLAI
    Summary
    A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileged user account. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:50.251Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20867",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-29T20:30:59.948121Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-20T14:32:35.941Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileged user account. \r\n\r This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system.\r\n"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:11.549Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
            "defects": [
              "CSCwc12185",
              "CSCwc12186"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20867",
        "datePublished": "2022-11-03T19:28:53.428Z",
        "dateReserved": "2021-11-02T13:28:29.182Z",
        "dateUpdated": "2024-11-20T14:32:35.941Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20772 (GCVE-0-2022-20772)

    Vulnerability from nvd – Published: 2022-11-03 19:32 – Updated: 2024-10-25 16:04
    VLAI
    Summary
    A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 13.5.1-277
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:49.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-ESA-HTTP-Inject-nvsycUmR",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-25T14:36:51.994449Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T16:04:54.024Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack.\r\n\r This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-113",
                  "description": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:07.057Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ESA-HTTP-Inject-nvsycUmR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ESA-HTTP-Inject-nvsycUmR",
            "defects": [
              "CSCwa84908",
              "CSCvz24026"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20772",
        "datePublished": "2022-11-03T19:32:24.728Z",
        "dateReserved": "2021-11-02T13:28:29.103Z",
        "dateUpdated": "2024-10-25T16:04:54.024Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20393 (GCVE-0-2025-20393)

    Vulnerability from cvelistv5 – Published: 2025-12-17 16:47 – Updated: 2026-02-26 16:07
    VLAI CISA KEVIntel
    Title
    Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability
    Summary
    A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Affected: 15.5.3-022
    Affected: 16.0.1-017
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Affected: 15.5.3-017
    Affected: 16.0.1-010
    Affected: 15.0.1-035
    Affected: 16.0.2-088
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20393",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-18T04:55:22.327258Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-12-17",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T16:07:31.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-017"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-017"
                },
                {
                  "status": "affected",
                  "version": "16.0.1-010"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-035"
                },
                {
                  "status": "affected",
                  "version": "16.0.2-088"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.\r\n\r\nThis vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with\u0026nbsp;root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In December 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of potentially malicious activity that targets Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-15T16:32:03.740Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-sma-attack-N9bf4",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4"
            }
          ],
          "source": {
            "advisory": "cisco-sa-sma-attack-N9bf4",
            "defects": [
              "CSCws36549"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20393",
        "datePublished": "2025-12-17T16:47:13.128Z",
        "dateReserved": "2024-10-10T19:15:13.266Z",
        "dateUpdated": "2026-02-26T16:07:31.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-3122 (GCVE-0-2020-3122)

    Vulnerability from cvelistv5 – Published: 2025-03-04 18:22 – Updated: 2025-03-04 18:27
    VLAI
    Title
    Cisco Content Security Management Appliance Information Disclosure Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3122",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-04T18:26:53.334394Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-04T18:27:11.025Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco IronPort Security Management Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0(Ritz)-128"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              },
              "format": "cvssV3_0"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-04T18:22:12.411Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "CSCvr92383",
              "url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr92383"
            }
          ],
          "source": {
            "advisory": "",
            "defects": [
              "CSCvr92383"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Content Security Management Appliance Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3122",
        "datePublished": "2025-03-04T18:22:12.411Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2025-03-04T18:27:11.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20207 (GCVE-0-2025-20207)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
    VLAI
    Title
    Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
    Summary
    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20207",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:57:37.294661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:57:53.809Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:15:06.012Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
            "defects": [
              "CSCwk60819"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20207",
        "datePublished": "2025-02-05T16:15:06.012Z",
        "dateReserved": "2024-10-10T19:15:13.230Z",
        "dateUpdated": "2025-02-05T16:57:53.809Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20185 (GCVE-0-2025-20185)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 16:59
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20185",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:20.922545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:59:47.445Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:38.541Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70576"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20185",
        "datePublished": "2025-02-05T16:14:38.541Z",
        "dateReserved": "2024-10-10T19:15:13.226Z",
        "dateUpdated": "2025-02-05T16:59:47.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20180 (GCVE-0-2025-20180)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:20
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 16.0.0-050
    Affected: 15.0.3-002
    Affected: 16.0.0-054
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Affected: 16.0.0-195
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20180",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T17:20:31.169165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:20:45.616Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-050"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-054"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                },
                {
                  "status": "affected",
                  "version": "16.0.0-195"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:11.746Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-xss-WCk2WcuG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-xss-WCk2WcuG",
            "defects": [
              "CSCwn25954"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Email Gateway Cross-Site Scripting Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20180",
        "datePublished": "2025-02-05T16:14:11.746Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:20:45.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1425 (GCVE-0-2021-1425)

    Vulnerability from cvelistv5 – Published: 2024-11-18 15:36 – Updated: 2024-11-18 15:58
    VLAI
    Title
    Cisco Cisco Email Security Appliance and Content Security Management Appliance Information Disclosure Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-201 - Exposure of Sensitive Information Through Sent Data
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1425",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T15:58:03.148324Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T15:58:19.973Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;AsyncOS Software for Cisco\u0026nbsp;Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.\r\nThe vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-201",
                  "description": "Exposure of Sensitive Information Through Sent Data",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:36:48.271Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-info-disclo-VOu2GHbZ",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-info-disclo-VOu2GHbZ",
            "defects": [
              "CSCvw39308"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Cisco Email Security Appliance and  Content Security Management Appliance Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1425",
        "datePublished": "2024-11-18T15:36:48.271Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-18T15:58:19.973Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20504 (GCVE-0-2024-20504)

    Vulnerability from cvelistv5 – Published: 2024-11-06 16:29 – Updated: 2024-11-06 17:05
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:05:32.372312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T17:05:40.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:37.791Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
            "defects": [
              "CSCwj72814"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20504",
        "datePublished": "2024-11-06T16:29:37.791Z",
        "dateReserved": "2023-11-08T15:08:07.687Z",
        "dateUpdated": "2024-11-06T17:05:40.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20383 (GCVE-0-2024-20383)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:59 – Updated: 2025-08-08 12:36
    VLAI
    Title
    Cisco Secure Email and Web Manager Stored Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-078
    Affected: 13.0.0-277
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20383",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T18:50:56.053580Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:43.042Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.314Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-08T12:36:42.359Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwi59618"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager Stored Cross-Site Scripting Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20383",
        "datePublished": "2024-05-15T17:59:49.921Z",
        "dateReserved": "2023-11-08T15:08:07.658Z",
        "dateUpdated": "2025-08-08T12:36:42.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20256 (GCVE-0-2024-20256)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:56 – Updated: 2024-08-15 15:29
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Affected: 15.0.0-322
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20256",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T18:47:15.332751Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T15:29:20.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\rThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:56:38.074Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwe88788",
              "CSCwe91887"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20256",
        "datePublished": "2024-05-15T17:56:38.074Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-15T15:29:20.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20258 (GCVE-0-2024-20258)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:32 – Updated: 2024-08-01 21:52
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.0.5-007
    Affected: 13.5.1-277
    Affected: 13.5.4-038
    Affected: 12.5.0-066
    Affected: 12.5.4-041
    Affected: 12.5.3-041
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    cisco secure_email Affected: 11.0.3-238 , ≤ 15.5.0-048 (custom)
        cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*
    Create a notification for this product.
    cisco secure_email_and_web_manager Affected: 9.0.0-087 , ≤ 15.0.0-334 (custom)
        cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.5.0-048",
                    "status": "affected",
                    "version": "11.0.3-238",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_email_and_web_manager",
                "vendor": "cisco",
                "versions": [
                  {
                    "lessThanOrEqual": "15.0.0-334",
                    "status": "affected",
                    "version": "9.0.0-087",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-16T17:18:20.336833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-04T17:40:25.043Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.784Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-041"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:32:16.125Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwf84882",
              "CSCwj12619",
              "CSCwf93368"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20258",
        "datePublished": "2024-05-15T17:32:16.125Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-01T21:52:31.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20119 (GCVE-0-2023-20119)

    Vulnerability from cvelistv5 – Published: 2023-06-28 00:00 – Updated: 2024-11-21 21:41
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:36.063Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20119",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-30T15:42:48.824595Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-21T21:41:13.822Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:47.107Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
            "defects": [
              "CSCwe12624"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20119",
        "datePublished": "2023-06-28T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-11-21T21:41:13.822Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20009 (GCVE-0-2023-20009)

    Vulnerability from cvelistv5 – Published: 2023-02-16 15:25 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.597Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]].\r\n\r The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:30.327Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
            "defects": [
              "CSCwd29901",
              "CSCwd29905"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20009",
        "datePublished": "2023-02-16T15:25:13.820Z",
        "dateReserved": "2022-10-27T18:47:50.307Z",
        "dateUpdated": "2024-08-02T08:57:35.597Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20772 (GCVE-0-2022-20772)

    Vulnerability from cvelistv5 – Published: 2022-11-03 19:32 – Updated: 2024-10-25 16:04
    VLAI
    Summary
    A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 13.5.1-277
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:49.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-ESA-HTTP-Inject-nvsycUmR",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-25T14:36:51.994449Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T16:04:54.024Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack.\r\n\r This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-113",
                  "description": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:07.057Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ESA-HTTP-Inject-nvsycUmR",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ESA-HTTP-Inject-nvsycUmR",
            "defects": [
              "CSCwa84908",
              "CSCvz24026"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20772",
        "datePublished": "2022-11-03T19:32:24.728Z",
        "dateReserved": "2021-11-02T13:28:29.103Z",
        "dateUpdated": "2024-10-25T16:04:54.024Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20942 (GCVE-0-2022-20942)

    Vulnerability from cvelistv5 – Published: 2022-11-03 19:30 – Updated: 2024-08-03 02:31
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.
    CWE
    • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.\r\n\r This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-359",
                  "description": "Exposure of Private Personal Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:18.446Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
            "defects": [
              "CSCwc43106",
              "CSCwc43102",
              "CSCwc43104"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20942",
        "datePublished": "2022-11-03T19:30:36.424Z",
        "dateReserved": "2021-11-02T13:28:29.193Z",
        "dateUpdated": "2024-08-03T02:31:59.271Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }