Search

Find a vulnerability

Search criteria

    30 vulnerabilities found for Cisco Secure Web Appliance by Cisco

    CVE-2026-20152 (GCVE-0-2026-20152)

    Vulnerability from nvd – Published: 2026-04-15 16:03 – Updated: 2026-04-16 19:05
    VLAI
    Title
    Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability
    Summary
    A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements. This vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-305 - Authentication Bypass by Primary Weakness
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Affected: 15.2.2-009
    Affected: 15.2.3-007
    Affected: 15.2.4-022
    Affected: 15.2.5-011
    Affected: 15.2.5-013
    Affected: 14.6.0-108
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20152",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T16:47:46.764093Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T16:56:35.035Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                },
                {
                  "status": "affected",
                  "version": "15.2.2-009"
                },
                {
                  "status": "affected",
                  "version": "15.2.3-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.4-022"
                },
                {
                  "status": "affected",
                  "version": "15.2.5-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.5-013"
                },
                {
                  "status": "affected",
                  "version": "14.6.0-108"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.\r\n\r\nThis vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-305",
                  "description": "Authentication Bypass by Primary Weakness",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T19:05:18.524Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-auth-bypass-6YZkTQhd",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-auth-bypass-6YZkTQhd",
            "defects": [
              "CSCwr20696"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20152",
        "datePublished": "2026-04-15T16:03:43.828Z",
        "dateReserved": "2025-10-08T11:59:15.386Z",
        "dateUpdated": "2026-04-16T19:05:18.524Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20056 (GCVE-0-2026-20056)

    Vulnerability from nvd – Published: 2026-02-04 16:11 – Updated: 2026-02-04 16:40
    VLAI
    Title
    Cisco Secure Web Appliance TBD Bypass Vulnerability
    Summary
    A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file. 
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-494 - Download of Code Without Integrity Check
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Affected: 15.2.2-009
    Affected: 15.5.0-566
    Affected: 15.2.3-007
    Affected: 15.5.0-574
    Affected: 15.5.0-710
    Affected: 15.2.4-022
    Affected: 15.5.1-002
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20056",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-04T16:40:05.362057Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-04T16:40:11.391Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                },
                {
                  "status": "affected",
                  "version": "15.2.2-009"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-566"
                },
                {
                  "status": "affected",
                  "version": "15.2.3-007"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-574"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-710"
                },
                {
                  "status": "affected",
                  "version": "15.2.4-022"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-002"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded.\r\n\r\nThis vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file.\u0026nbsp;"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-494",
                  "description": "Download of Code Without Integrity Check",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-04T16:11:48.273Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-archive-bypass-Scx2e8zF",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-archive-bypass-Scx2e8zF"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-archive-bypass-Scx2e8zF",
            "defects": [
              "CSCwq69761"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance TBD  Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20056",
        "datePublished": "2026-02-04T16:11:48.273Z",
        "dateReserved": "2025-10-08T11:59:15.356Z",
        "dateUpdated": "2026-02-04T16:40:11.391Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20207 (GCVE-0-2025-20207)

    Vulnerability from nvd – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
    VLAI
    Title
    Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
    Summary
    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20207",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:57:37.294661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:57:53.809Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:15:06.012Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
            "defects": [
              "CSCwk60819"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20207",
        "datePublished": "2025-02-05T16:15:06.012Z",
        "dateReserved": "2024-10-10T19:15:13.230Z",
        "dateUpdated": "2025-02-05T16:57:53.809Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20185 (GCVE-0-2025-20185)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 16:59
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20185",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:20.922545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:59:47.445Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:38.541Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70576"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20185",
        "datePublished": "2025-02-05T16:14:38.541Z",
        "dateReserved": "2024-10-10T19:15:13.226Z",
        "dateUpdated": "2025-02-05T16:59:47.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20184 (GCVE-0-2025-20184)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:00
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials. This vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Affected: 15.5.3-022
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20184",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:57.945223Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:00:15.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:30.863Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70559"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20184",
        "datePublished": "2025-02-05T16:14:30.863Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:00:15.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20183 (GCVE-0-2025-20183)

    Vulnerability from nvd – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:00
    VLAI
    Title
    Cisco Secure Web Appliance Range Request Bypass Vulnerability
    Summary
    A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.  The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20183",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T17:00:32.365680Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:00:50.686Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.\u0026nbsp;\r\n\r\nThe vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:21.787Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-swa-range-bypass-2BsEHYSu",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu"
            }
          ],
          "source": {
            "advisory": "cisco-sa-swa-range-bypass-2BsEHYSu",
            "defects": [
              "CSCwk58287"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance Range Request Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20183",
        "datePublished": "2025-02-05T16:14:21.787Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:00:50.686Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20871 (GCVE-0-2022-20871)

    Vulnerability from nvd – Published: 2024-11-15 15:27 – Updated: 2024-11-15 15:35
    VLAI
    Title
    Cisco Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see .
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 12.5.3-002
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 12.5.1-011
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20871",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T15:35:06.319558Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T15:35:23.825Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web management interface of Cisco\u0026nbsp;AsyncOS for Cisco\u0026nbsp;Secure Web Appliance, formerly Cisco\u0026nbsp;Web Security Appliance (WSA),\u0026nbsp;could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root.\r\nThis vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see ."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-15T15:27:14.028Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-prv-esc-8PdRU8t8",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-8PdRU8t8"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-prv-esc-8PdRU8t8",
            "defects": [
              "CSCwb92675"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20871",
        "datePublished": "2024-11-15T15:27:14.028Z",
        "dateReserved": "2021-11-02T13:28:29.183Z",
        "dateUpdated": "2024-11-15T15:35:23.825Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20504 (GCVE-0-2024-20504)

    Vulnerability from nvd – Published: 2024-11-06 16:29 – Updated: 2024-11-06 17:05
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:05:32.372312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T17:05:40.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:37.791Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
            "defects": [
              "CSCwj72814"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20504",
        "datePublished": "2024-11-06T16:29:37.791Z",
        "dateReserved": "2023-11-08T15:08:07.687Z",
        "dateUpdated": "2024-11-06T17:05:40.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20435 (GCVE-0-2024-20435)

    Vulnerability from nvd – Published: 2024-07-17 16:27 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.5.2-011
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Affected: 14.0.5-007
    Affected: 15.0.0-322
    Affected: 15.0.0-355
    Affected: 15.1.0-287
    Create a notification for this product.
    cisco secure_web_appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.1-049
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.1-011
    Affected: 12.5.2-007
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.0.2-012
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.0.5-007
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.5.2-011
    Affected: 15.0.0-322
    Affected: 15.0.0-355
    Affected: 15.1.0-287
        cpe:2.3:h:cisco:secure_web_appliance:11.7.0-406:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.0-418:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.1-006:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.1-020:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.1-049:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.2-011:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.0-414:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.1-023:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.3-018:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.3-021:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.0.1-268:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.0.3-007:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.1-011:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.2-007:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.4-005:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.5-004:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.6-008:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.2-012:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.3-014:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.4-005:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.5-007:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.5.0-498:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.5.1-016:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.5.2-011:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:15.0.0-322:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:15.0.0-355:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:15.1.0-287:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.0-406:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.0-418:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.1-006:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.1-020:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.1-049:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.2-011:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.0-414:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.1-023:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.3-018:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.3-021:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.0.1-268:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.0.3-007:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.1-011:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.2-007:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.4-005:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.5-004:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.6-008:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.2-012:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.3-014:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.4-005:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.5-007:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.5.0-498:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.5.1-016:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.5.2-011:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:15.0.0-322:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:15.0.0-355:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:15.1.0-287:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_web_appliance",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.7.0-406"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.0-418"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.1-006"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.1-020"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.1-049"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.2-011"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.0-414"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.1-023"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.3-018"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.3-021"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.1-268"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.3-007"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.1-011"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.2-007"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.4-005"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.5-004"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.6-008"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.2-012"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.3-014"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.4-005"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.5-007"
                  },
                  {
                    "status": "affected",
                    "version": "14.5.0-498"
                  },
                  {
                    "status": "affected",
                    "version": "14.5.1-016"
                  },
                  {
                    "status": "affected",
                    "version": "14.5.2-011"
                  },
                  {
                    "status": "affected",
                    "version": "15.0.0-322"
                  },
                  {
                    "status": "affected",
                    "version": "15.0.0-355"
                  },
                  {
                    "status": "affected",
                    "version": "15.1.0-287"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20435",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T17:15:02.287832Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T17:28:04.667Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.297Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-swa-priv-esc-7uHpZsCC",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-priv-esc-7uHpZsCC"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-17T16:27:59.858Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-swa-priv-esc-7uHpZsCC",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-priv-esc-7uHpZsCC"
            }
          ],
          "source": {
            "advisory": "cisco-sa-swa-priv-esc-7uHpZsCC",
            "defects": [
              "CSCwj30015"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20435",
        "datePublished": "2024-07-17T16:27:59.858Z",
        "dateReserved": "2023-11-08T15:08:07.667Z",
        "dateUpdated": "2024-08-01T21:59:42.297Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20256 (GCVE-0-2024-20256)

    Vulnerability from nvd – Published: 2024-05-15 17:56 – Updated: 2024-08-15 15:29
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Affected: 15.0.0-322
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20256",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T18:47:15.332751Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T15:29:20.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\rThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:56:38.074Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwe88788",
              "CSCwe91887"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20256",
        "datePublished": "2024-05-15T17:56:38.074Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-15T15:29:20.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20215 (GCVE-0-2023-20215)

    Vulnerability from nvd – Published: 2023-08-03 21:16 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
    CWE
    • CWE-202 - Exposure of Sensitive Information Through Data Queries
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:35.594Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-wsa-bypass-vXvqwzsj",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-202",
                  "description": "Exposure of Sensitive Information Through Data Queries",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:58:20.215Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-bypass-vXvqwzsj",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-bypass-vXvqwzsj",
            "defects": [
              "CSCwf60901",
              "CSCwf55917",
              "CSCwf94501"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20215",
        "datePublished": "2023-08-03T21:16:38.159Z",
        "dateReserved": "2022-10-27T18:47:50.368Z",
        "dateUpdated": "2024-08-02T09:05:35.594Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20032 (GCVE-0-2023-20032)

    Vulnerability from nvd – Published: 2023-02-16 15:24 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Create a notification for this product.
    Cisco Cisco Secure Endpoint Affected: 6.1.9
    Affected: 6.2.5
    Affected: 6.3.7
    Affected: 6.3.3
    Affected: 7.0.5
    Affected: 7.1.1
    Affected: 1.12.1
    Affected: 1.12.2
    Affected: 1.12.3
    Affected: 1.12.7
    Affected: 1.12.4
    Affected: 1.11.0
    Affected: 1.10.2
    Affected: 1.10.0
    Affected: 1.14.0
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.8.1
    Affected: 1.8.0
    Affected: 1.7.0
    Affected: 7.2.13
    Affected: 7.3.5
    Create a notification for this product.
    Cisco Cisco Secure Endpoint Private Cloud Administration Portal Affected: N/A
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-clamav-q8DThCy",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            },
            {
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                }
              ]
            },
            {
              "product": "Cisco Secure Endpoint Private Cloud Administration Portal",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that a proof-of-concept is available that demonstrates that this vulnerability can be used to cause a buffer overflow and subsequent process termination.\r\n\r\nAdditional technical information is also available that describes this vulnerability in detail.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:34.558Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-q8DThCy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-q8DThCy",
            "defects": [
              "CSCwd74135",
              "CSCwd74134",
              "CSCwd74133",
              "CSCwe18204",
              "CSCwd74132"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20032",
        "datePublished": "2023-02-16T15:24:05.173Z",
        "dateReserved": "2022-10-27T18:47:50.315Z",
        "dateUpdated": "2024-08-02T08:57:35.875Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20952 (GCVE-0-2022-20952)

    Vulnerability from nvd – Published: 2023-02-16 15:27 – Updated: 2024-08-03 02:31
    VLAI
    Summary
    A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.019Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-wsa-bypass-bwBfugek",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:24.396Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-bypass-bwBfugek",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-bypass-bwBfugek",
            "defects": [
              "CSCwc54898"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20952",
        "datePublished": "2023-02-16T15:27:16.003Z",
        "dateReserved": "2021-11-02T13:28:29.194Z",
        "dateUpdated": "2024-08-03T02:31:59.019Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20942 (GCVE-0-2022-20942)

    Vulnerability from nvd – Published: 2022-11-03 19:30 – Updated: 2024-08-03 02:31
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.
    CWE
    • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.\r\n\r This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-359",
                  "description": "Exposure of Private Personal Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:18.446Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
            "defects": [
              "CSCwc43106",
              "CSCwc43102",
              "CSCwc43104"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20942",
        "datePublished": "2022-11-03T19:30:36.424Z",
        "dateReserved": "2021-11-02T13:28:29.193Z",
        "dateUpdated": "2024-08-03T02:31:59.271Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20868 (GCVE-0-2022-20868)

    Vulnerability from nvd – Published: 2022-11-03 19:29 – Updated: 2024-08-03 02:24
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 14.5.0-498
    Affected: 14.0.2-012
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:50.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. \r\n\r\nThis vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.\r\n"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:11.853Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
            "defects": [
              "CSCwc12181",
              "CSCwc12183",
              "CSCwc12184"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20868",
        "datePublished": "2022-11-03T19:29:31.722Z",
        "dateReserved": "2021-11-02T13:28:29.182Z",
        "dateUpdated": "2024-08-03T02:24:50.239Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-20152 (GCVE-0-2026-20152)

    Vulnerability from cvelistv5 – Published: 2026-04-15 16:03 – Updated: 2026-04-16 19:05
    VLAI
    Title
    Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability
    Summary
    A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements. This vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-305 - Authentication Bypass by Primary Weakness
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Affected: 15.2.2-009
    Affected: 15.2.3-007
    Affected: 15.2.4-022
    Affected: 15.2.5-011
    Affected: 15.2.5-013
    Affected: 14.6.0-108
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20152",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-15T16:47:46.764093Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-15T16:56:35.035Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                },
                {
                  "status": "affected",
                  "version": "15.2.2-009"
                },
                {
                  "status": "affected",
                  "version": "15.2.3-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.4-022"
                },
                {
                  "status": "affected",
                  "version": "15.2.5-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.5-013"
                },
                {
                  "status": "affected",
                  "version": "14.6.0-108"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.\r\n\r\nThis vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-305",
                  "description": "Authentication Bypass by Primary Weakness",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T19:05:18.524Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-auth-bypass-6YZkTQhd",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-auth-bypass-6YZkTQhd",
            "defects": [
              "CSCwr20696"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20152",
        "datePublished": "2026-04-15T16:03:43.828Z",
        "dateReserved": "2025-10-08T11:59:15.386Z",
        "dateUpdated": "2026-04-16T19:05:18.524Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20056 (GCVE-0-2026-20056)

    Vulnerability from cvelistv5 – Published: 2026-02-04 16:11 – Updated: 2026-02-04 16:40
    VLAI
    Title
    Cisco Secure Web Appliance TBD Bypass Vulnerability
    Summary
    A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded. This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file. 
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-494 - Download of Code Without Integrity Check
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Affected: 15.2.2-009
    Affected: 15.5.0-566
    Affected: 15.2.3-007
    Affected: 15.5.0-574
    Affected: 15.5.0-710
    Affected: 15.2.4-022
    Affected: 15.5.1-002
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20056",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-04T16:40:05.362057Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-04T16:40:11.391Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                },
                {
                  "status": "affected",
                  "version": "15.2.2-009"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-566"
                },
                {
                  "status": "affected",
                  "version": "15.2.3-007"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-574"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-710"
                },
                {
                  "status": "affected",
                  "version": "15.2.4-022"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-002"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded.\r\n\r\nThis vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file.\u0026nbsp;"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-494",
                  "description": "Download of Code Without Integrity Check",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-04T16:11:48.273Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-archive-bypass-Scx2e8zF",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-archive-bypass-Scx2e8zF"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-archive-bypass-Scx2e8zF",
            "defects": [
              "CSCwq69761"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance TBD  Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20056",
        "datePublished": "2026-02-04T16:11:48.273Z",
        "dateReserved": "2025-10-08T11:59:15.356Z",
        "dateUpdated": "2026-02-04T16:40:11.391Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20207 (GCVE-0-2025-20207)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
    VLAI
    Title
    Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
    Summary
    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20207",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:57:37.294661Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:57:53.809Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:15:06.012Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
            "defects": [
              "CSCwk60819"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20207",
        "datePublished": "2025-02-05T16:15:06.012Z",
        "dateReserved": "2024-10-10T19:15:13.230Z",
        "dateUpdated": "2025-02-05T16:57:53.809Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20185 (GCVE-0-2025-20185)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 16:59
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 13.6.2-023
    Affected: 13.6.2-078
    Affected: 13.0.0-249
    Affected: 13.0.0-277
    Affected: 13.8.1-052
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 14.0.0-404
    Affected: 12.8.1-002
    Affected: 14.1.0-227
    Affected: 13.6.1-201
    Affected: 14.2.0-203
    Affected: 14.2.0-212
    Affected: 12.8.1-021
    Affected: 13.8.1-108
    Affected: 14.2.0-224
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Affected: 15.5.2-005
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20185",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:20.922545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T16:59:47.445Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.6.2-023"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-249"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-052"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "13.6.1-201"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-203"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-005"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:38.541Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70576"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20185",
        "datePublished": "2025-02-05T16:14:38.541Z",
        "dateReserved": "2024-10-10T19:15:13.226Z",
        "dateUpdated": "2025-02-05T16:59:47.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20184 (GCVE-0-2025-20184)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:00
    VLAI
    Title
    Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials. This vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 13.5.1-277
    Affected: 13.0.0-392
    Affected: 14.2.0-620
    Affected: 13.0.5-007
    Affected: 13.5.4-038
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Affected: 15.5.2-018
    Affected: 15.0.3-002
    Affected: 15.5.3-022
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 15.0.1-004
    Affected: 15.2.1-011
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20184",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T16:59:57.945223Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:00:15.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "13.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "13.5.4-038"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                },
                {
                  "status": "affected",
                  "version": "15.5.2-018"
                },
                {
                  "status": "affected",
                  "version": "15.0.3-002"
                },
                {
                  "status": "affected",
                  "version": "15.5.3-022"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-004"
                },
                {
                  "status": "affected",
                  "version": "15.2.1-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:30.863Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34",
            "defects": [
              "CSCwk70559"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20184",
        "datePublished": "2025-02-05T16:14:30.863Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:00:15.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-20183 (GCVE-0-2025-20183)

    Vulnerability from cvelistv5 – Published: 2025-02-05 16:14 – Updated: 2025-02-05 17:00
    VLAI
    Title
    Cisco Secure Web Appliance Range Request Bypass Vulnerability
    Summary
    A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.  The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-453
    Affected: 12.5.3-002
    Affected: 12.0.3-007
    Affected: 12.0.3-005
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 12.0.4-002
    Affected: 14.0.2-012
    Affected: 11.8.0-414
    Affected: 12.0.1-268
    Affected: 11.8.1-023
    Affected: 11.8.3-021
    Affected: 11.8.3-018
    Affected: 12.5.1-011
    Affected: 11.8.4-004
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Affected: 12.0.5-011
    Affected: 14.0.3-014
    Affected: 12.5.5-004
    Affected: 12.5.5-005
    Affected: 12.5.5-008
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 12.5.6-008
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 12.0.2-012
    Affected: 12.0.2-004
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Affected: 14.5.0-673
    Affected: 14.5.0-537
    Affected: 12.0.1-334
    Affected: 14.0.1-503
    Affected: 14.0.1-053
    Affected: 11.8.0-429
    Affected: 14.0.1-040
    Affected: 14.0.1-014
    Affected: 12.5.1-043
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20183",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-05T17:00:32.365680Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-05T17:00:50.686Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-453"
                },
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-005"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "12.0.4-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.4-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                },
                {
                  "status": "affected",
                  "version": "12.0.5-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-008"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.0.2-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-673"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-537"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-334"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-503"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-053"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-429"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-040"
                },
                {
                  "status": "affected",
                  "version": "14.0.1-014"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-043"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.\u0026nbsp;\r\n\r\nThe vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T16:14:21.787Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-swa-range-bypass-2BsEHYSu",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu"
            }
          ],
          "source": {
            "advisory": "cisco-sa-swa-range-bypass-2BsEHYSu",
            "defects": [
              "CSCwk58287"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance Range Request Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20183",
        "datePublished": "2025-02-05T16:14:21.787Z",
        "dateReserved": "2024-10-10T19:15:13.225Z",
        "dateUpdated": "2025-02-05T17:00:50.686Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20871 (GCVE-0-2022-20871)

    Vulnerability from cvelistv5 – Published: 2024-11-15 15:27 – Updated: 2024-11-15 15:35
    VLAI
    Title
    Cisco Secure Web Appliance Privilege Escalation Vulnerability
    Summary
    A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see .
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 12.5.3-002
    Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 12.5.1-011
    Affected: 12.5.2-007
    Affected: 12.5.2-011
    Affected: 14.5.0-498
    Affected: 12.5.4-005
    Affected: 12.5.4-011
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20871",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T15:35:06.319558Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T15:35:23.825Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5.3-002"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-011"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web management interface of Cisco\u0026nbsp;AsyncOS for Cisco\u0026nbsp;Secure Web Appliance, formerly Cisco\u0026nbsp;Web Security Appliance (WSA),\u0026nbsp;could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root.\r\nThis vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see ."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-15T15:27:14.028Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-prv-esc-8PdRU8t8",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-8PdRU8t8"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-prv-esc-8PdRU8t8",
            "defects": [
              "CSCwb92675"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Web Appliance Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20871",
        "datePublished": "2024-11-15T15:27:14.028Z",
        "dateReserved": "2021-11-02T13:28:29.183Z",
        "dateUpdated": "2024-11-15T15:35:23.825Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20504 (GCVE-0-2024-20504)

    Vulnerability from cvelistv5 – Published: 2024-11-06 16:29 – Updated: 2024-11-06 17:05
    VLAI
    Title
    Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Email Affected: 14.0.0-698
    Affected: 14.2.0-620
    Affected: 14.2.1-020
    Affected: 14.3.0-032
    Affected: 15.0.0-104
    Affected: 15.0.1-030
    Affected: 15.5.0-048
    Affected: 15.5.1-055
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Affected: 15.5.1-024
    Affected: 15.5.1-029
    Create a notification for this product.
    Cisco Cisco Secure Web Appliance Affected: 14.1.0-032
    Affected: 14.1.0-047
    Affected: 14.1.0-041
    Affected: 14.0.2-012
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.5.1-008
    Affected: 14.5.1-016
    Affected: 15.0.0-355
    Affected: 15.0.0-322
    Affected: 15.1.0-287
    Affected: 14.5.2-011
    Affected: 15.2.0-116
    Affected: 14.0.5-007
    Affected: 15.2.0-164
    Affected: 14.5.1-510
    Affected: 14.5.1-607
    Affected: 14.5.3-033
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T17:05:32.372312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T17:05:40.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-032"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-104"
                },
                {
                  "status": "affected",
                  "version": "15.0.1-030"
                },
                {
                  "status": "affected",
                  "version": "15.5.0-048"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-055"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-024"
                },
                {
                  "status": "affected",
                  "version": "15.5.1-029"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "14.1.0-032"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-047"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-041"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-116"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.2.0-164"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-510"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-607"
                },
                {
                  "status": "affected",
                  "version": "14.5.3-033"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-06T16:29:37.791Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n",
            "defects": [
              "CSCwj72814"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20504",
        "datePublished": "2024-11-06T16:29:37.791Z",
        "dateReserved": "2023-11-08T15:08:07.687Z",
        "dateUpdated": "2024-11-06T17:05:40.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20435 (GCVE-0-2024-20435)

    Vulnerability from cvelistv5 – Published: 2024-07-17 16:27 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-250 - Execution with Unnecessary Privileges
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.5.2-011
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Affected: 14.0.5-007
    Affected: 15.0.0-322
    Affected: 15.0.0-355
    Affected: 15.1.0-287
    Create a notification for this product.
    cisco secure_web_appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.1-049
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.1-011
    Affected: 12.5.2-007
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.0.2-012
    Affected: 14.0.3-014
    Affected: 14.0.4-005
    Affected: 14.0.5-007
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.5.2-011
    Affected: 15.0.0-322
    Affected: 15.0.0-355
    Affected: 15.1.0-287
        cpe:2.3:h:cisco:secure_web_appliance:11.7.0-406:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.0-418:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.1-006:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.1-020:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.1-049:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.7.2-011:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.0-414:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.1-023:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.3-018:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:11.8.3-021:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.0.1-268:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.0.3-007:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.1-011:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.2-007:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.4-005:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.5-004:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:12.5.6-008:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.2-012:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.3-014:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.4-005:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.0.5-007:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.5.0-498:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.5.1-016:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:14.5.2-011:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:15.0.0-322:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:15.0.0-355:*:*:*:*:*:*:*
        cpe:2.3:h:cisco:secure_web_appliance:15.1.0-287:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.0-406:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.0-418:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.1-006:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.1-020:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.1-049:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.7.2-011:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.0-414:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.1-023:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.3-018:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:11.8.3-021:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.0.1-268:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.0.3-007:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.1-011:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.2-007:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.4-005:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.5-004:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:12.5.6-008:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.2-012:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.3-014:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.4-005:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.0.5-007:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.5.0-498:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.5.1-016:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:14.5.2-011:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:15.0.0-322:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:15.0.0-355:*:*:*:*:*:*:*",
                  "cpe:2.3:h:cisco:secure_web_appliance:15.1.0-287:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "secure_web_appliance",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "11.7.0-406"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.0-418"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.1-006"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.1-020"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.1-049"
                  },
                  {
                    "status": "affected",
                    "version": "11.7.2-011"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.0-414"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.1-023"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.3-018"
                  },
                  {
                    "status": "affected",
                    "version": "11.8.3-021"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.1-268"
                  },
                  {
                    "status": "affected",
                    "version": "12.0.3-007"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.1-011"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.2-007"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.4-005"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.5-004"
                  },
                  {
                    "status": "affected",
                    "version": "12.5.6-008"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.2-012"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.3-014"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.4-005"
                  },
                  {
                    "status": "affected",
                    "version": "14.0.5-007"
                  },
                  {
                    "status": "affected",
                    "version": "14.5.0-498"
                  },
                  {
                    "status": "affected",
                    "version": "14.5.1-016"
                  },
                  {
                    "status": "affected",
                    "version": "14.5.2-011"
                  },
                  {
                    "status": "affected",
                    "version": "15.0.0-322"
                  },
                  {
                    "status": "affected",
                    "version": "15.0.0-355"
                  },
                  {
                    "status": "affected",
                    "version": "15.1.0-287"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20435",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-17T17:15:02.287832Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-17T17:28:04.667Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.297Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-swa-priv-esc-7uHpZsCC",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-priv-esc-7uHpZsCC"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.5.2-011"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.0.5-007"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-355"
                },
                {
                  "status": "affected",
                  "version": "15.1.0-287"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-17T16:27:59.858Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-swa-priv-esc-7uHpZsCC",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-priv-esc-7uHpZsCC"
            }
          ],
          "source": {
            "advisory": "cisco-sa-swa-priv-esc-7uHpZsCC",
            "defects": [
              "CSCwj30015"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20435",
        "datePublished": "2024-07-17T16:27:59.858Z",
        "dateReserved": "2023-11-08T15:08:07.667Z",
        "dateUpdated": "2024-08-01T21:59:42.297Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20256 (GCVE-0-2024-20256)

    Vulnerability from cvelistv5 – Published: 2024-05-15 17:56 – Updated: 2024-08-15 15:29
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 12.5.6-008
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Affected: 15.0.0-322
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 9.0.0-087
    Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 13.8.1-108
    Affected: 12.8.1-002
    Affected: 12.8.1-021
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Affected: 14.2.0-224
    Affected: 14.2.1-020
    Affected: 14.3.0-120
    Affected: 15.0.0-334
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:52:31.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20256",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T18:47:15.332751Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-15T15:29:20.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "12.5.6-008"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-322"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.0.0-087"
                },
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-108"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-021"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-224"
                },
                {
                  "status": "affected",
                  "version": "14.2.1-020"
                },
                {
                  "status": "affected",
                  "version": "14.3.0-120"
                },
                {
                  "status": "affected",
                  "version": "15.0.0-334"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\rThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-15T17:56:38.074Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD",
            "defects": [
              "CSCwe88788",
              "CSCwe91887"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20256",
        "datePublished": "2024-05-15T17:56:38.074Z",
        "dateReserved": "2023-11-08T15:08:07.623Z",
        "dateUpdated": "2024-08-15T15:29:20.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20215 (GCVE-0-2023-20215)

    Vulnerability from cvelistv5 – Published: 2023-08-03 21:16 – Updated: 2024-08-02 09:05
    VLAI
    Summary
    A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
    CWE
    • CWE-202 - Exposure of Sensitive Information Through Data Queries
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 14.5.0-498
    Affected: 14.5.1-016
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Affected: 14.0.4-005
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:05:35.594Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-wsa-bypass-vXvqwzsj",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.5.1-016"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                },
                {
                  "status": "affected",
                  "version": "14.0.4-005"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-202",
                  "description": "Exposure of Sensitive Information Through Data Queries",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:58:20.215Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-bypass-vXvqwzsj",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-bypass-vXvqwzsj",
            "defects": [
              "CSCwf60901",
              "CSCwf55917",
              "CSCwf94501"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20215",
        "datePublished": "2023-08-03T21:16:38.159Z",
        "dateReserved": "2022-10-27T18:47:50.368Z",
        "dateUpdated": "2024-08-02T09:05:35.594Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20952 (GCVE-0-2022-20952)

    Vulnerability from cvelistv5 – Published: 2023-02-16 15:27 – Updated: 2024-08-03 02:31
    VLAI
    Summary
    A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.019Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-wsa-bypass-bwBfugek",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:24.396Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-wsa-bypass-bwBfugek",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek"
            }
          ],
          "source": {
            "advisory": "cisco-sa-wsa-bypass-bwBfugek",
            "defects": [
              "CSCwc54898"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20952",
        "datePublished": "2023-02-16T15:27:16.003Z",
        "dateReserved": "2021-11-02T13:28:29.194Z",
        "dateUpdated": "2024-08-03T02:31:59.019Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20032 (GCVE-0-2023-20032)

    Vulnerability from cvelistv5 – Published: 2023-02-16 15:24 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition. For a description of this vulnerability, see the ClamAV blog ["https://blog.clamav.net/"].
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 12.5.5-004
    Affected: 14.5.0-498
    Affected: 14.0.3-014
    Affected: 14.0.2-012
    Create a notification for this product.
    Cisco Cisco Secure Endpoint Affected: 6.1.9
    Affected: 6.2.5
    Affected: 6.3.7
    Affected: 6.3.3
    Affected: 7.0.5
    Affected: 7.1.1
    Affected: 1.12.1
    Affected: 1.12.2
    Affected: 1.12.3
    Affected: 1.12.7
    Affected: 1.12.4
    Affected: 1.11.0
    Affected: 1.10.2
    Affected: 1.10.0
    Affected: 1.14.0
    Affected: 1.6.0
    Affected: 1.9.0
    Affected: 1.8.1
    Affected: 1.8.0
    Affected: 1.7.0
    Affected: 7.2.13
    Affected: 7.3.5
    Create a notification for this product.
    Cisco Cisco Secure Endpoint Private Cloud Administration Portal Affected: N/A
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.875Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-clamav-q8DThCy",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "12.5.5-004"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.3-014"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            },
            {
              "product": "Cisco Secure Endpoint",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.9"
                },
                {
                  "status": "affected",
                  "version": "6.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.7"
                },
                {
                  "status": "affected",
                  "version": "6.3.3"
                },
                {
                  "status": "affected",
                  "version": "7.0.5"
                },
                {
                  "status": "affected",
                  "version": "7.1.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.1"
                },
                {
                  "status": "affected",
                  "version": "1.12.2"
                },
                {
                  "status": "affected",
                  "version": "1.12.3"
                },
                {
                  "status": "affected",
                  "version": "1.12.7"
                },
                {
                  "status": "affected",
                  "version": "1.12.4"
                },
                {
                  "status": "affected",
                  "version": "1.11.0"
                },
                {
                  "status": "affected",
                  "version": "1.10.2"
                },
                {
                  "status": "affected",
                  "version": "1.10.0"
                },
                {
                  "status": "affected",
                  "version": "1.14.0"
                },
                {
                  "status": "affected",
                  "version": "1.6.0"
                },
                {
                  "status": "affected",
                  "version": "1.9.0"
                },
                {
                  "status": "affected",
                  "version": "1.8.1"
                },
                {
                  "status": "affected",
                  "version": "1.8.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.0"
                },
                {
                  "status": "affected",
                  "version": "7.2.13"
                },
                {
                  "status": "affected",
                  "version": "7.3.5"
                }
              ]
            },
            {
              "product": "Cisco Secure Endpoint Private Cloud Administration Portal",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code.\r\n\r \r This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.\r\n\r For a description of this vulnerability, see the ClamAV blog [\"https://blog.clamav.net/\"]."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that a proof-of-concept is available that demonstrates that this vulnerability can be used to cause a buffer overflow and subsequent process termination.\r\n\r\nAdditional technical information is also available that describes this vulnerability in detail.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:34.558Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-clamav-q8DThCy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-q8DThCy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-clamav-q8DThCy",
            "defects": [
              "CSCwd74135",
              "CSCwd74134",
              "CSCwd74133",
              "CSCwe18204",
              "CSCwd74132"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20032",
        "datePublished": "2023-02-16T15:24:05.173Z",
        "dateReserved": "2022-10-27T18:47:50.315Z",
        "dateUpdated": "2024-08-02T08:57:35.875Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20942 (GCVE-0-2022-20942)

    Vulnerability from cvelistv5 – Published: 2022-11-03 19:30 – Updated: 2024-08-03 02:31
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.
    CWE
    • CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.7.0-406
    Affected: 11.7.0-418
    Affected: 11.7.1-049
    Affected: 11.7.1-006
    Affected: 11.7.1-020
    Affected: 11.7.2-011
    Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 11.0.3-238
    Affected: 11.1.0-069
    Affected: 11.1.0-131
    Affected: 11.1.0-128
    Affected: 12.0.0-419
    Affected: 12.1.0-071
    Affected: 12.1.0-087
    Affected: 12.1.0-089
    Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 12.5.0-066
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 11.0.0-115
    Affected: 11.0.1-161
    Affected: 11.5.1-105
    Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Affected: 14.2.0-212
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:31:59.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.7.0-406"
                },
                {
                  "status": "affected",
                  "version": "11.7.0-418"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-049"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-006"
                },
                {
                  "status": "affected",
                  "version": "11.7.1-020"
                },
                {
                  "status": "affected",
                  "version": "11.7.2-011"
                },
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.3-238"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-069"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-131"
                },
                {
                  "status": "affected",
                  "version": "11.1.0-128"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-419"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-071"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-087"
                },
                {
                  "status": "affected",
                  "version": "12.1.0-089"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-066"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0.0-115"
                },
                {
                  "status": "affected",
                  "version": "11.0.1-161"
                },
                {
                  "status": "affected",
                  "version": "11.5.1-105"
                },
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-212"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.\r\n\r This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-359",
                  "description": "Exposure of Private Personal Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:18.446Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cnt-sec-infodiscl-BVKKnUG",
            "defects": [
              "CSCwc43106",
              "CSCwc43102",
              "CSCwc43104"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20942",
        "datePublished": "2022-11-03T19:30:36.424Z",
        "dateReserved": "2021-11-02T13:28:29.193Z",
        "dateUpdated": "2024-08-03T02:31:59.271Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20868 (GCVE-0-2022-20868)

    Vulnerability from cvelistv5 – Published: 2022-11-03 19:29 – Updated: 2024-08-03 02:24
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.
    CWE
    • CWE-321 - Use of Hard-coded Cryptographic Key
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Web Appliance Affected: 11.8.0-414
    Affected: 11.8.1-023
    Affected: 11.8.3-018
    Affected: 11.8.3-021
    Affected: 12.0.1-268
    Affected: 12.0.3-007
    Affected: 12.5.2-007
    Affected: 12.5.1-011
    Affected: 12.5.4-005
    Affected: 14.5.0-498
    Affected: 14.0.2-012
    Create a notification for this product.
    Cisco Cisco Secure Email Affected: 13.0.0-392
    Affected: 13.5.1-277
    Affected: 14.0.0-698
    Affected: 14.2.0-620
    Create a notification for this product.
    Cisco Cisco Secure Email and Web Manager Affected: 12.0.0-452
    Affected: 12.0.1-011
    Affected: 12.5.0-636
    Affected: 12.5.0-658
    Affected: 12.5.0-678
    Affected: 12.5.0-670
    Affected: 13.0.0-277
    Affected: 13.6.2-078
    Affected: 13.8.1-068
    Affected: 13.8.1-074
    Affected: 12.8.1-002
    Affected: 14.0.0-404
    Affected: 14.1.0-223
    Affected: 14.1.0-227
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:24:50.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Web Appliance",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.8.0-414"
                },
                {
                  "status": "affected",
                  "version": "11.8.1-023"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-018"
                },
                {
                  "status": "affected",
                  "version": "11.8.3-021"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-268"
                },
                {
                  "status": "affected",
                  "version": "12.0.3-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.2-007"
                },
                {
                  "status": "affected",
                  "version": "12.5.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.4-005"
                },
                {
                  "status": "affected",
                  "version": "14.5.0-498"
                },
                {
                  "status": "affected",
                  "version": "14.0.2-012"
                }
              ]
            },
            {
              "product": "Cisco Secure Email",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0.0-392"
                },
                {
                  "status": "affected",
                  "version": "13.5.1-277"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-698"
                },
                {
                  "status": "affected",
                  "version": "14.2.0-620"
                }
              ]
            },
            {
              "product": "Cisco Secure Email and Web Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.0.0-452"
                },
                {
                  "status": "affected",
                  "version": "12.0.1-011"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-636"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-658"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-678"
                },
                {
                  "status": "affected",
                  "version": "12.5.0-670"
                },
                {
                  "status": "affected",
                  "version": "13.0.0-277"
                },
                {
                  "status": "affected",
                  "version": "13.6.2-078"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-068"
                },
                {
                  "status": "affected",
                  "version": "13.8.1-074"
                },
                {
                  "status": "affected",
                  "version": "12.8.1-002"
                },
                {
                  "status": "affected",
                  "version": "14.0.0-404"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-223"
                },
                {
                  "status": "affected",
                  "version": "14.1.0-227"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. \r\n\r\nThis vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.\r\n"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-321",
                  "description": "Use of Hard-coded Cryptographic Key",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:11.853Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD"
            }
          ],
          "source": {
            "advisory": "cisco-sa-esasmawsa-vulns-YRuSW5mD",
            "defects": [
              "CSCwc12181",
              "CSCwc12183",
              "CSCwc12184"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20868",
        "datePublished": "2022-11-03T19:29:31.722Z",
        "dateReserved": "2021-11-02T13:28:29.182Z",
        "dateUpdated": "2024-08-03T02:24:50.239Z",
        "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }