Vulnerability-Lookup

CVE-2025-20207 (GCVE-0-2025-20207)

Vulnerability from cvelistv5 – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57

Title

Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability

Summary

A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

cisco

References

1 reference

URL	Tags
https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

3 products

Vendor	Product	Version
Cisco	Cisco Secure Email	Affected: 14.0.0-698 Affected: 13.5.1-277 Affected: 13.0.0-392 Affected: 14.2.0-620 Affected: 13.0.5-007 Affected: 13.5.4-038 Affected: 14.2.1-020 Affected: 14.3.0-032 Affected: 15.0.0-104 Affected: 15.0.1-030 Affected: 15.5.0-048 Affected: 15.5.1-055
Cisco	Cisco Secure Email and Web Manager	Affected: 13.6.2-023 Affected: 13.6.2-078 Affected: 13.0.0-249 Affected: 13.0.0-277 Affected: 13.8.1-052 Affected: 13.8.1-068 Affected: 13.8.1-074 Affected: 14.0.0-404 Affected: 12.8.1-002 Affected: 14.1.0-227 Affected: 13.6.1-201 Affected: 14.2.0-203 Affected: 14.2.0-212 Affected: 12.8.1-021 Affected: 13.8.1-108 Affected: 14.2.0-224 Affected: 14.3.0-120 Affected: 15.0.0-334 Affected: 15.5.1-024 Affected: 15.5.1-029
Cisco	Cisco Secure Web Appliance	Affected: 11.8.0-453 Affected: 12.5.3-002 Affected: 12.0.3-007 Affected: 12.0.3-005 Affected: 14.1.0-032 Affected: 14.1.0-047 Affected: 14.1.0-041 Affected: 12.0.4-002 Affected: 14.0.2-012 Affected: 11.8.0-414 Affected: 12.0.1-268 Affected: 11.8.1-023 Affected: 11.8.3-021 Affected: 11.8.3-018 Affected: 12.5.1-011 Affected: 11.8.4-004 Affected: 12.5.2-007 Affected: 12.5.2-011 Affected: 14.5.0-498 Affected: 12.5.4-005 Affected: 12.5.4-011 Affected: 12.0.5-011 Affected: 14.0.3-014 Affected: 12.5.5-004 Affected: 12.5.5-005 Affected: 12.5.5-008 Affected: 14.0.4-005 Affected: 14.5.1-008 Affected: 14.5.1-016 Affected: 15.0.0-355 Affected: 15.0.0-322 Affected: 12.5.6-008 Affected: 15.1.0-287 Affected: 14.5.2-011 Affected: 15.2.0-116 Affected: 14.0.5-007 Affected: 15.2.0-164 Affected: 14.5.1-510 Affected: 12.0.2-012 Affected: 12.0.2-004 Affected: 14.5.1-607 Affected: 14.5.3-033 Affected: 12.0.1-334 Affected: 14.0.1-503 Affected: 14.0.1-053 Affected: 11.8.0-429 Affected: 14.0.1-040 Affected: 14.0.1-014 Affected: 12.5.1-043

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20207",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T16:57:37.294661Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T16:57:53.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Secure Email",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-698"
            },
            {
              "status": "affected",
              "version": "13.5.1-277"
            },
            {
              "status": "affected",
              "version": "13.0.0-392"
            },
            {
              "status": "affected",
              "version": "14.2.0-620"
            },
            {
              "status": "affected",
              "version": "13.0.5-007"
            },
            {
              "status": "affected",
              "version": "13.5.4-038"
            },
            {
              "status": "affected",
              "version": "14.2.1-020"
            },
            {
              "status": "affected",
              "version": "14.3.0-032"
            },
            {
              "status": "affected",
              "version": "15.0.0-104"
            },
            {
              "status": "affected",
              "version": "15.0.1-030"
            },
            {
              "status": "affected",
              "version": "15.5.0-048"
            },
            {
              "status": "affected",
              "version": "15.5.1-055"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Secure Email and Web Manager",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "13.6.2-023"
            },
            {
              "status": "affected",
              "version": "13.6.2-078"
            },
            {
              "status": "affected",
              "version": "13.0.0-249"
            },
            {
              "status": "affected",
              "version": "13.0.0-277"
            },
            {
              "status": "affected",
              "version": "13.8.1-052"
            },
            {
              "status": "affected",
              "version": "13.8.1-068"
            },
            {
              "status": "affected",
              "version": "13.8.1-074"
            },
            {
              "status": "affected",
              "version": "14.0.0-404"
            },
            {
              "status": "affected",
              "version": "12.8.1-002"
            },
            {
              "status": "affected",
              "version": "14.1.0-227"
            },
            {
              "status": "affected",
              "version": "13.6.1-201"
            },
            {
              "status": "affected",
              "version": "14.2.0-203"
            },
            {
              "status": "affected",
              "version": "14.2.0-212"
            },
            {
              "status": "affected",
              "version": "12.8.1-021"
            },
            {
              "status": "affected",
              "version": "13.8.1-108"
            },
            {
              "status": "affected",
              "version": "14.2.0-224"
            },
            {
              "status": "affected",
              "version": "14.3.0-120"
            },
            {
              "status": "affected",
              "version": "15.0.0-334"
            },
            {
              "status": "affected",
              "version": "15.5.1-024"
            },
            {
              "status": "affected",
              "version": "15.5.1-029"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Secure Web Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "11.8.0-453"
            },
            {
              "status": "affected",
              "version": "12.5.3-002"
            },
            {
              "status": "affected",
              "version": "12.0.3-007"
            },
            {
              "status": "affected",
              "version": "12.0.3-005"
            },
            {
              "status": "affected",
              "version": "14.1.0-032"
            },
            {
              "status": "affected",
              "version": "14.1.0-047"
            },
            {
              "status": "affected",
              "version": "14.1.0-041"
            },
            {
              "status": "affected",
              "version": "12.0.4-002"
            },
            {
              "status": "affected",
              "version": "14.0.2-012"
            },
            {
              "status": "affected",
              "version": "11.8.0-414"
            },
            {
              "status": "affected",
              "version": "12.0.1-268"
            },
            {
              "status": "affected",
              "version": "11.8.1-023"
            },
            {
              "status": "affected",
              "version": "11.8.3-021"
            },
            {
              "status": "affected",
              "version": "11.8.3-018"
            },
            {
              "status": "affected",
              "version": "12.5.1-011"
            },
            {
              "status": "affected",
              "version": "11.8.4-004"
            },
            {
              "status": "affected",
              "version": "12.5.2-007"
            },
            {
              "status": "affected",
              "version": "12.5.2-011"
            },
            {
              "status": "affected",
              "version": "14.5.0-498"
            },
            {
              "status": "affected",
              "version": "12.5.4-005"
            },
            {
              "status": "affected",
              "version": "12.5.4-011"
            },
            {
              "status": "affected",
              "version": "12.0.5-011"
            },
            {
              "status": "affected",
              "version": "14.0.3-014"
            },
            {
              "status": "affected",
              "version": "12.5.5-004"
            },
            {
              "status": "affected",
              "version": "12.5.5-005"
            },
            {
              "status": "affected",
              "version": "12.5.5-008"
            },
            {
              "status": "affected",
              "version": "14.0.4-005"
            },
            {
              "status": "affected",
              "version": "14.5.1-008"
            },
            {
              "status": "affected",
              "version": "14.5.1-016"
            },
            {
              "status": "affected",
              "version": "15.0.0-355"
            },
            {
              "status": "affected",
              "version": "15.0.0-322"
            },
            {
              "status": "affected",
              "version": "12.5.6-008"
            },
            {
              "status": "affected",
              "version": "15.1.0-287"
            },
            {
              "status": "affected",
              "version": "14.5.2-011"
            },
            {
              "status": "affected",
              "version": "15.2.0-116"
            },
            {
              "status": "affected",
              "version": "14.0.5-007"
            },
            {
              "status": "affected",
              "version": "15.2.0-164"
            },
            {
              "status": "affected",
              "version": "14.5.1-510"
            },
            {
              "status": "affected",
              "version": "12.0.2-012"
            },
            {
              "status": "affected",
              "version": "12.0.2-004"
            },
            {
              "status": "affected",
              "version": "14.5.1-607"
            },
            {
              "status": "affected",
              "version": "14.5.3-033"
            },
            {
              "status": "affected",
              "version": "12.0.1-334"
            },
            {
              "status": "affected",
              "version": "14.0.1-503"
            },
            {
              "status": "affected",
              "version": "14.0.1-053"
            },
            {
              "status": "affected",
              "version": "11.8.0-429"
            },
            {
              "status": "affected",
              "version": "14.0.1-040"
            },
            {
              "status": "affected",
              "version": "14.0.1-014"
            },
            {
              "status": "affected",
              "version": "12.5.1-043"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-05T16:15:06.012Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
        }
      ],
      "source": {
        "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
        "defects": [
          "CSCwk60819"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20207",
    "datePublished": "2025-02-05T16:15:06.012Z",
    "dateReserved": "2024-10-10T19:15:13.230Z",
    "dateUpdated": "2025-02-05T16:57:53.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-20207",
      "date": "2026-05-30",
      "epss": "0.00095",
      "percentile": "0.26307"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-20207\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-02-05T17:15:26.410\",\"lastModified\":\"2025-02-05T17:15:26.410\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\\r\\n\\r\\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el sondeo de Simple Network Management Protocol (SNMP) para Cisco Secure Email and Web Manager, Cisco Secure Email Gateway y Cisco Secure Web Appliance podr\u00eda permitir que un atacante remoto autenticado obtenga informaci\u00f3n confidencial sobre el sistema operativo subyacente. Esta vulnerabilidad existe porque los dispositivos no protegen la informaci\u00f3n confidencial en reposo en respuesta a las solicitudes de sondeo SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud de sondeo SNMP manipulada al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante descubrir informaci\u00f3n confidencial que deber\u00eda estar restringida. Para aprovechar esta vulnerabilidad, un atacante debe tener las credenciales SNMP configuradas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\",\"source\":\"psirt@cisco.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20207\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-05T16:57:37.294661Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-05T16:57:47.207Z\"}}], \"cna\": {\"title\": \"Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability\", \"source\": {\"defects\": [\"CSCwk60819\"], \"advisory\": \"cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Email\", \"versions\": [{\"status\": \"affected\", \"version\": \"14.0.0-698\"}, {\"status\": \"affected\", \"version\": \"13.5.1-277\"}, {\"status\": \"affected\", \"version\": \"13.0.0-392\"}, {\"status\": \"affected\", \"version\": \"14.2.0-620\"}, {\"status\": \"affected\", \"version\": \"13.0.5-007\"}, {\"status\": \"affected\", \"version\": \"13.5.4-038\"}, {\"status\": \"affected\", \"version\": \"14.2.1-020\"}, {\"status\": \"affected\", \"version\": \"14.3.0-032\"}, {\"status\": \"affected\", \"version\": \"15.0.0-104\"}, {\"status\": \"affected\", \"version\": \"15.0.1-030\"}, {\"status\": \"affected\", \"version\": \"15.5.0-048\"}, {\"status\": \"affected\", \"version\": \"15.5.1-055\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Email and Web Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"13.6.2-023\"}, {\"status\": \"affected\", \"version\": \"13.6.2-078\"}, {\"status\": \"affected\", \"version\": \"13.0.0-249\"}, {\"status\": \"affected\", \"version\": \"13.0.0-277\"}, {\"status\": \"affected\", \"version\": \"13.8.1-052\"}, {\"status\": \"affected\", \"version\": \"13.8.1-068\"}, {\"status\": \"affected\", \"version\": \"13.8.1-074\"}, {\"status\": \"affected\", \"version\": \"14.0.0-404\"}, {\"status\": \"affected\", \"version\": \"12.8.1-002\"}, {\"status\": \"affected\", \"version\": \"14.1.0-227\"}, {\"status\": \"affected\", \"version\": \"13.6.1-201\"}, {\"status\": \"affected\", \"version\": \"14.2.0-203\"}, {\"status\": \"affected\", \"version\": \"14.2.0-212\"}, {\"status\": \"affected\", \"version\": \"12.8.1-021\"}, {\"status\": \"affected\", \"version\": \"13.8.1-108\"}, {\"status\": \"affected\", \"version\": \"14.2.0-224\"}, {\"status\": \"affected\", \"version\": \"14.3.0-120\"}, {\"status\": \"affected\", \"version\": \"15.0.0-334\"}, {\"status\": \"affected\", \"version\": \"15.5.1-024\"}, {\"status\": \"affected\", \"version\": \"15.5.1-029\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Web Appliance\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.8.0-453\"}, {\"status\": \"affected\", \"version\": \"12.5.3-002\"}, {\"status\": \"affected\", \"version\": \"12.0.3-007\"}, {\"status\": \"affected\", \"version\": \"12.0.3-005\"}, {\"status\": \"affected\", \"version\": \"14.1.0-032\"}, {\"status\": \"affected\", \"version\": \"14.1.0-047\"}, {\"status\": \"affected\", \"version\": \"14.1.0-041\"}, {\"status\": \"affected\", \"version\": \"12.0.4-002\"}, {\"status\": \"affected\", \"version\": \"14.0.2-012\"}, {\"status\": \"affected\", \"version\": \"11.8.0-414\"}, {\"status\": \"affected\", \"version\": \"12.0.1-268\"}, {\"status\": \"affected\", \"version\": \"11.8.1-023\"}, {\"status\": \"affected\", \"version\": \"11.8.3-021\"}, {\"status\": \"affected\", \"version\": \"11.8.3-018\"}, {\"status\": \"affected\", \"version\": \"12.5.1-011\"}, {\"status\": \"affected\", \"version\": \"11.8.4-004\"}, {\"status\": \"affected\", \"version\": \"12.5.2-007\"}, {\"status\": \"affected\", \"version\": \"12.5.2-011\"}, {\"status\": \"affected\", \"version\": \"14.5.0-498\"}, {\"status\": \"affected\", \"version\": \"12.5.4-005\"}, {\"status\": \"affected\", \"version\": \"12.5.4-011\"}, {\"status\": \"affected\", \"version\": \"12.0.5-011\"}, {\"status\": \"affected\", \"version\": \"14.0.3-014\"}, {\"status\": \"affected\", \"version\": \"12.5.5-004\"}, {\"status\": \"affected\", \"version\": \"12.5.5-005\"}, {\"status\": \"affected\", \"version\": \"12.5.5-008\"}, {\"status\": \"affected\", \"version\": \"14.0.4-005\"}, {\"status\": \"affected\", \"version\": \"14.5.1-008\"}, {\"status\": \"affected\", \"version\": \"14.5.1-016\"}, {\"status\": \"affected\", \"version\": \"15.0.0-355\"}, {\"status\": \"affected\", \"version\": \"15.0.0-322\"}, {\"status\": \"affected\", \"version\": \"12.5.6-008\"}, {\"status\": \"affected\", \"version\": \"15.1.0-287\"}, {\"status\": \"affected\", \"version\": \"14.5.2-011\"}, {\"status\": \"affected\", \"version\": \"15.2.0-116\"}, {\"status\": \"affected\", \"version\": \"14.0.5-007\"}, {\"status\": \"affected\", \"version\": \"15.2.0-164\"}, {\"status\": \"affected\", \"version\": \"14.5.1-510\"}, {\"status\": \"affected\", \"version\": \"12.0.2-012\"}, {\"status\": \"affected\", \"version\": \"12.0.2-004\"}, {\"status\": \"affected\", \"version\": \"14.5.1-607\"}, {\"status\": \"affected\", \"version\": \"14.5.3-033\"}, {\"status\": \"affected\", \"version\": \"12.0.1-334\"}, {\"status\": \"affected\", \"version\": \"14.0.1-503\"}, {\"status\": \"affected\", \"version\": \"14.0.1-053\"}, {\"status\": \"affected\", \"version\": \"11.8.0-429\"}, {\"status\": \"affected\", \"version\": \"14.0.1-040\"}, {\"status\": \"affected\", \"version\": \"14.0.1-014\"}, {\"status\": \"affected\", \"version\": \"12.5.1-043\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\", \"name\": \"cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\\r\\n\\r\\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-200\", \"description\": \"Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-02-05T16:15:06.012Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-20207\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-05T16:57:53.809Z\", \"dateReserved\": \"2024-10-10T19:15:13.230Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-02-05T16:15:06.012Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

BDU:2025-01895

Vulnerability from fstec - Published: 05.02.2025

Title

Description

Уязвимость реализации протокола Simple Network Management Protocol (SNMP) средств защиты Cisco Secure Email and Web Manager, Cisco Secure Email Gateway и Cisco Secure Web Appliance связана с недостаточной защитой служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации

Severity


                    
                      AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Vendor

Cisco Systems Inc.

Software Name

Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, Cisco Secure Web Appliance

Software Version

до 15.5.2-005 (Cisco Secure Email and Web Manager), от 16.0 до 16.0.0-195 (Cisco Secure Email and Web Manager), до 15.0.3-002 (Cisco Secure Email Gateway), от 15.5 до 15.5.2-018 (Cisco Secure Email Gateway), от 16.0 до 16.0.0-050 (Cisco Secure Email Gateway), до 15.0.1-004 (Cisco Secure Web Appliance), от 15.1 до 15.2.1-010 (Cisco Secure Web Appliance)

Possible Mitigations

Использование рекомендаций: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX

CWE

CWE-200

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 15.5.2-005 (Cisco Secure Email and Web Manager), \u043e\u0442 16.0 \u0434\u043e 16.0.0-195 (Cisco Secure Email and Web Manager), \u0434\u043e 15.0.3-002 (Cisco Secure Email Gateway), \u043e\u0442 15.5 \u0434\u043e 15.5.2-018 (Cisco Secure Email Gateway), \u043e\u0442 16.0 \u0434\u043e 16.0.0-050 (Cisco Secure Email Gateway), \u0434\u043e 15.0.1-004 (Cisco Secure Web Appliance), \u043e\u0442 15.1 \u0434\u043e 15.2.1-010 (Cisco Secure Web Appliance)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.02.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-01895",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-20207",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, Cisco Secure Web Appliance",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Simple Network Management Protocol (SNMP) \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b Cisco Secure Email and Web Manager, Cisco Secure Email Gateway \u0438 Cisco Secure Web Appliance, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Simple Network Management Protocol (SNMP) \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b Cisco Secure Email and Web Manager, Cisco Secure Email Gateway \u0438 Cisco Secure Web Appliance \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,3)"
}

CISCO-SA-ESA-SMA-WSA-SNMP-INF-FQPVL8SX

Vulnerability from csaf_cisco - Published: 2025-02-05 16:00 - Updated: 2025-02-05 16:00

Summary

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance SNMP Polling Information Disclosure Vulnerability

Notes

Summary: A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Vulnerable Products: At the time of publication, this vulnerability affected the following Cisco products if they had SNMP enabled: Secure Email and Web Manager Secure Email Gateway Secure Web Appliance Note: SNMP is not enabled by default on these products. For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software ["#fs"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Determine Whether SNMP Is Enabled To determine whether SNMP is enabled on a device, connect to the device using SSH and run the snmpconfig command. The following example shows the output of this command on a device that has SNMP configured: ESA> snmpconfig Current SNMP settings: Listening on interface "Management" 10.10.10.10/27 port 161. SNMP v3: Enabled. Security level: authPriv Authentication Protocol: SHA [...] The following example shows the output of this command on a device that does not have SNMP configured: ESA> snmpconfig Current SNMP settings: SNMP Disabled. Note: The preceding examples show the output of this command on Cisco Secure Email Gateway. The output for the command on the other affected products is almost identical.

Products Confirmed Not Vulnerable: Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.

Workarounds: There are no workarounds that address this vulnerability.

Fixed Software: When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following tables was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability that is described in this advisory and which release included the fix for this vulnerability. Cisco Secure Email and Web Manager Release First Fixed Release 15.5 and earlier 15.5.2-005 16.0 16.0.0-195 Cisco Secure Email Gateway Release First Fixed Release 15.0 and earlier 15.0.3-002 15.5 15.5.2-018 16.0 16.0.0-050 Cisco Secure Web Appliance Release First Fixed Release 15.0 and earlier 15.0.1-004 15.1 Migrate to a fixed release. 15.2 15.2.1-010 In most cases, the software can be upgraded over the network by using the System Upgrade options in the web-based management interface of the appliance. To upgrade a device by using the web-based management interface, do the following: Choose System Administration > System Upgrade. Click Upgrade Options. Click Download and Install. Choose a release to upgrade to. In the Upgrade Preparation area, choose the appropriate options. Click Proceed to begin the upgrade. A progress bar displays the status of the upgrade. After the upgrade is complete, the device reboots. Cisco Secure Email Cloud includes Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices as part of the service solution. Cisco provides regular maintenance of the products included in this solution. Customers can also request a software upgrade by contacting the Cisco TAC. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Vulnerability Policy: To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements: The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source: This vulnerability was found during internal security testing.

Legal Disclaimer: THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

CVE-2025-20207

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 3 products

Product	Version	Remediation
Cisco Secure Email Cisco	—	Vendor Fix fix
Cisco Secure Email and Web Manager Cisco	—	Vendor Fix fix
Cisco Secure Web Appliance Cisco	—	Vendor Fix fix

References

5 references

URL	Category
https://sec.cloudapps.cisco.com/security/center/c…	self
https://sec.cloudapps.cisco.com/security/center/r…	external
https://sec.cloudapps.cisco.com/security/center/r…	external
https://www.cisco.com/go/psirt	external
http://www.cisco.com/web/about/security/psirt/sec…	external

Acknowledgments

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during internal security testing."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "At the time of publication, this vulnerability affected the following Cisco products if they had SNMP enabled:\r\n\r\nSecure Email and Web Manager\r\nSecure Email Gateway\r\nSecure Web Appliance\r\n\r\nNote: SNMP is not enabled by default on these products.\r\n\r\nFor information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software [\"#fs\"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n  Determine Whether SNMP Is Enabled\r\nTo determine whether SNMP is enabled on a device, connect to the device using SSH and run the snmpconfig command.\r\n\r\nThe following example shows the output of this command on a device that has SNMP configured:\r\n\r\n\r\nESA\u003e snmpconfig\r\nCurrent SNMP settings:\r\nListening on interface \"Management\" 10.10.10.10/27 port 161.\r\nSNMP v3: Enabled. Security level: authPriv\r\nAuthentication Protocol: SHA\r\n[...]\r\n\r\nThe following example shows the output of this command on a device that does not have SNMP configured:\r\n\r\n\r\nESA\u003e snmpconfig\r\nCurrent SNMP settings:\r\nSNMP Disabled.\r\n\r\nNote: The preceding examples show the output of this command on Cisco Secure Email Gateway. The output for the command on the other affected products is almost identical.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n      Fixed Releases\r\nAt the time of publication, the release information in the following tables was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n\r\nThe left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability that is described in this advisory and which release included the fix for this vulnerability.\r\n        Cisco Secure Email and Web Manager Release  First Fixed Release          15.5 and earlier  15.5.2-005      16.0  16.0.0-195\r\n         Cisco Secure Email Gateway Release  First Fixed Release          15.0 and earlier  15.0.3-002      15.5  15.5.2-018      16.0  16.0.0-050\r\n         Cisco Secure Web Appliance Release  First Fixed Release          15.0 and earlier  15.0.1-004      15.1  Migrate to a fixed release.      15.2  15.2.1-010\r\nIn most cases, the software can be upgraded over the network by using the System Upgrade options in the web-based management interface of the appliance. To upgrade a device by using the web-based management interface, do the following:\r\n\r\nChoose System Administration \u003e System Upgrade.\r\nClick Upgrade Options.\r\nClick Download and Install.\r\nChoose a release to upgrade to.\r\nIn the Upgrade Preparation area, choose the appropriate options.\r\nClick Proceed to begin the upgrade. A progress bar displays the status of the upgrade.\r\n\r\nAfter the upgrade is complete, the device reboots.\r\n\r\nCisco Secure Email Cloud includes Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices as part of the service solution. Cisco provides regular maintenance of the products included in this solution. Customers can also request a software upgrade by contacting the Cisco TAC.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "This vulnerability was found during internal security testing.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance SNMP Polling Information Disclosure Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "considering software upgrades",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance SNMP Polling Information Disclosure Vulnerability",
    "tracking": {
      "current_release_date": "2025-02-05T16:00:00+00:00",
      "generator": {
        "date": "2025-02-05T16:00:43+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
      "initial_release_date": "2025-02-05T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2025-02-05T15:57:24+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_family",
            "name": "Cisco Secure Web Appliance",
            "product": {
              "name": "Cisco Secure Web Appliance ",
              "product_id": "CSAFPID-189789"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco Secure Email",
            "product": {
              "name": "Cisco Secure Email ",
              "product_id": "CSAFPID-189790"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco Secure Email and Web Manager",
            "product": {
              "name": "Cisco Secure Email and Web Manager ",
              "product_id": "CSAFPID-189791"
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20207",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwk56452"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwk56456"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwk60819"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-189790",
          "CSAFPID-189791",
          "CSAFPID-189789"
        ]
      },
      "release_date": "2025-02-05T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-189791",
            "CSAFPID-189789",
            "CSAFPID-189790"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-189790",
            "CSAFPID-189791",
            "CSAFPID-189789"
          ]
        }
      ],
      "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
    }
  ]
}

FKIE_CVE-2025-20207

Vulnerability from fkie_nvd - Published: 2025-02-05 17:15 - Updated: 2026-04-15 00:35

Severity

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el sondeo de Simple Network Management Protocol (SNMP) para Cisco Secure Email and Web Manager, Cisco Secure Email Gateway y Cisco Secure Web Appliance podr\u00eda permitir que un atacante remoto autenticado obtenga informaci\u00f3n confidencial sobre el sistema operativo subyacente. Esta vulnerabilidad existe porque los dispositivos no protegen la informaci\u00f3n confidencial en reposo en respuesta a las solicitudes de sondeo SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud de sondeo SNMP manipulada al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante descubrir informaci\u00f3n confidencial que deber\u00eda estar restringida. Para aprovechar esta vulnerabilidad, un atacante debe tener las credenciales SNMP configuradas."
    }
  ],
  "id": "CVE-2025-20207",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-02-05T17:15:26.410",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

GHSA-W3CF-QCR3-6PPG

Vulnerability from github – Published: 2025-02-05 18:34 – Updated: 2025-02-05 18:34

Details

This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.

Severity

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-20207"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-05T17:15:26Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\n\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.",
  "id": "GHSA-w3cf-qcr3-6ppg",
  "modified": "2025-02-05T18:34:45Z",
  "published": "2025-02-05T18:34:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20207"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

WID-SEC-W-2025-0276

Vulnerability from csaf_certbund - Published: 2025-02-05 23:00 - Updated: 2025-02-05 23:00

Summary

Cisco AsyncOS, Secure Email Gateway und Secure Web Appliance: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Cisco AsyncOS ist ein Betriebssystem für Cisco Appliances. Das Cisco Secure Email Gateway ist eine Sicherheitslösung zum Schutz der E-Mail Kommunikation. Cisco Secure Web Appliance (ehem. Cisco Web Security) bietet einen on-premise Web Proxy mit Schutz vor vielen Bedrohungen.

Angriff: Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Cisco AsyncOS, Cisco Secure Email Gateway und Cisco Secure Web Appliance ausnutzen, um beliebigen Code mit Administratorrechten auszuführen, Root-Rechte zu erlangen, vertrauliche Informationen preiszugeben, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.

Betroffene Betriebssysteme: - CISCO Appliance

CVE-2025-20184

Es besteht eine Schwachstelle in der Cisco AsyncOS Software für Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die unzureichende Validierung von XML-Konfigurationsdateien ermöglicht die Einspeisung von Befehlen durch das Hochladen einer manipulierten XML-Konfigurationsdatei. Ein entfernter, authentisierter Angreifer mit administrativen Anmeldedaten kann diese Schwachstelle ausnutzen, um Befehle mit Root-Rechten in das zugrunde liegende Betriebssystem einzuschleusen.

Affected products

Known affected 5 products

Product	Identifier	Version	Remediation
Cisco AsyncOS Email Gateway <16.0.1-017 Cisco / AsyncOS		Email Gateway <16.0.1-017
Cisco AsyncOS Email Gateway <15.5.3-022 Cisco / AsyncOS		Email Gateway <15.5.3-022
Cisco Secure Email Gateway <16.0.0-050 Cisco / Secure Email Gateway		<16.0.0-050
Cisco Secure Email Gateway <15.0.3-002 Cisco / Secure Email Gateway		<15.0.3-002
Cisco AsyncOS Web Appliance <15.2.2-009 Cisco / AsyncOS		Web Appliance <15.2.2-009

CVE-2025-20185

Es besteht eine Schwachstelle in der Cisco AsyncOS Software für Cisco Secure Email and Web Manager, Cisco Secure Email Gateway und Cisco Secure Web Appliance. Aufgrund eines Architekturfehlers im Algorithmus zur Generierung von Passwörtern für die Fernzugriffsfunktionalität kann ein temporäres Passwort für das Dienstkonto generiert werden. Ein entfernter, authentisierter Angreifer mit administrativen Berechtigungen kann diese Schwachstelle ausnutzen, um Root-Rechte zu erlangen, beliebige Befehle als Root auszuführen und Zugriff auf das zugrunde liegende Betriebssystem zu erhalten.

Affected products

Known affected 12 products

Product	Identifier	Version	Remediation
Cisco AsyncOS Email Gateway <16.0.1-017 Cisco / AsyncOS		Email Gateway <16.0.1-017
Cisco AsyncOS Email Gateway <15.5.3-022 Cisco / AsyncOS		Email Gateway <15.5.3-022
Cisco AsyncOS Web Appliance <15.2.1-011 Cisco / AsyncOS		Web Appliance <15.2.1-011
Cisco AsyncOS Email and Web Manager <16.0.1-010 Cisco / AsyncOS		Email and Web Manager <16.0.1-010
Cisco AsyncOS Web Appliance <15.0.1-004 Cisco / AsyncOS		Web Appliance <15.0.1-004
Cisco AsyncOS Email and Web Manager <15.5.3-017 Cisco / AsyncOS		Email and Web Manager <15.5.3-017
Cisco Secure Web Appliance <15.2.1-010 Cisco / Secure Web Appliance		<15.2.1-010
Cisco Secure Web Appliance <15.0.1-004 Cisco / Secure Web Appliance		<15.0.1-004
Cisco Secure Email Gateway <16.0.0-050 Cisco / Secure Email Gateway		<16.0.0-050
Cisco Secure Email Gateway <15.5.2-018 Cisco / Secure Email Gateway		<15.5.2-018
Cisco Secure Email Gateway <15.0.3-002 Cisco / Secure Email Gateway		<15.0.3-002
Cisco AsyncOS Web Appliance <15.2.2-009 Cisco / AsyncOS		Web Appliance <15.2.2-009

CVE-2025-20180

In der Cisco AsyncOS Software für Cisco Secure Email and Web Manager und Secure Email Gateway wurde eine Cross-Site Scripting Schwachstelle entdeckt. Dieses Problem wird durch eine unsachgemäße Filterung der vom Benutzer eingegebenen Daten in der webbasierten Verwaltungsschnittstelle verursacht, bevor die Eingaben angezeigt werden. Ein entfernter, authentisierter Angreifer mit mindestens der Operator-Rolle kann diese Schwachstelle ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, bei der das Opfer einer betroffenen Schnittstelle auf einen manipulierten Link klicken muss.

Affected products

Known affected 7 products

Product	Identifier	Version	Remediation
Cisco AsyncOS Email Gateway <16.0.1-017 Cisco / AsyncOS		Email Gateway <16.0.1-017
Cisco AsyncOS Email Gateway <15.5.3-022 Cisco / AsyncOS		Email Gateway <15.5.3-022
Cisco AsyncOS Email and Web Manager <16.0.1-010 Cisco / AsyncOS		Email and Web Manager <16.0.1-010
Cisco AsyncOS Email and Web Manager <15.5.3-017 Cisco / AsyncOS		Email and Web Manager <15.5.3-017
Cisco Secure Email Gateway <16.0.0-050 Cisco / Secure Email Gateway		<16.0.0-050
Cisco Secure Email Gateway <15.5.2-018 Cisco / Secure Email Gateway		<15.5.2-018
Cisco Secure Email Gateway <15.0.3-002 Cisco / Secure Email Gateway		<15.0.3-002

CVE-2025-20183

Es besteht eine Schwachstelle in der Cisco AsyncOS Software für Cisco Secure Web Appliance. Die Schwachstelle betrifft die richtlinienbasierte Cisco Application Visibility and Control (AVC)-Implementierung aufgrund der unsachgemäßen Behandlung eines manipulierten Range Request Headers. Durch das Senden einer HTTP-Anfrage mit einem manipulierten Range-Request-Header kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um den Antiviren-Scanner zu umgehen und Malware unbemerkt auf den Endpunkt zu laden.

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
Cisco AsyncOS Web Appliance <15.2.1-011 Cisco / AsyncOS		Web Appliance <15.2.1-011
Cisco AsyncOS Web Appliance <15.0.1-004 Cisco / AsyncOS		Web Appliance <15.0.1-004
Cisco Secure Web Appliance <15.2.1-010 Cisco / Secure Web Appliance		<15.2.1-010
Cisco Secure Web Appliance <15.0.1-004 Cisco / Secure Web Appliance		<15.0.1-004

CVE-2025-20207

Es besteht eine Schwachstelle in Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die Schwachstelle betrifft das Simple Network Management Protocol (SNMP) Polling, da kein ausreichender Schutz für vertrauliche Informationen in SNMP-Polling-Antworten vorhanden ist. Ein entfernt authentisierter Angreifer mit konfigurierten SNMP-Anmeldeinformationen kann diese Schwachstelle ausnutzen, um vertrauliche Informationen über das zugrundeliegende Betriebssystem preiszugeben.

Affected products

Known affected 5 products

Product	Identifier	Version	Remediation
Cisco Secure Web Appliance <15.2.1-010 Cisco / Secure Web Appliance		<15.2.1-010
Cisco Secure Web Appliance <15.0.1-004 Cisco / Secure Web Appliance		<15.0.1-004
Cisco Secure Email Gateway <16.0.0-050 Cisco / Secure Email Gateway		<16.0.0-050
Cisco Secure Email Gateway <15.5.2-018 Cisco / Secure Email Gateway		<15.5.2-018
Cisco Secure Email Gateway <15.0.3-002 Cisco / Secure Email Gateway		<15.0.3-002

References

6 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://sec.cloudapps.cisco.com/security/center/c…	external
https://sec.cloudapps.cisco.com/security/center/c…	external
https://sec.cloudapps.cisco.com/security/center/c…	external
https://sec.cloudapps.cisco.com/security/center/c…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Cisco AsyncOS ist ein Betriebssystem f\u00fcr Cisco Appliances.\r\nDas Cisco Secure Email Gateway ist eine Sicherheitsl\u00f6sung zum Schutz der E-Mail Kommunikation.\r\nCisco Secure Web Appliance (ehem. Cisco Web Security) bietet einen on-premise Web Proxy mit Schutz vor vielen Bedrohungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Cisco AsyncOS, Cisco Secure Email Gateway und Cisco Secure Web Appliance ausnutzen, um beliebigen Code mit Administratorrechten auszuf\u00fchren, Root-Rechte zu erlangen, vertrauliche Informationen preiszugeben, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- CISCO Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0276 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0276.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0276 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0276"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-esa-sma-wsa-multi-yKUJhS34 vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-esa-sma-xss-WCk2WcuG vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-swa-range-bypass-2BsEHYSu vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu"
      }
    ],
    "source_lang": "en-US",
    "title": "Cisco AsyncOS, Secure Email Gateway und Secure Web Appliance: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-02-05T23:00:00.000+00:00",
      "generator": {
        "date": "2025-02-06T10:05:04.286+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0276",
      "initial_release_date": "2025-02-05T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-02-05T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Email and Web Manager \u003c15.5.3-017",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager \u003c15.5.3-017",
                  "product_id": "T040826"
                }
              },
              {
                "category": "product_version",
                "name": "Email and Web Manager 15.5.3-017",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager 15.5.3-017",
                  "product_id": "T040826-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_and_web_manager__15.5.3-017"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Email and Web Manager \u003c16.0.1-010",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager \u003c16.0.1-010",
                  "product_id": "T040827"
                }
              },
              {
                "category": "product_version",
                "name": "Email and Web Manager 16.0.1-010",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager 16.0.1-010",
                  "product_id": "T040827-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_and_web_manager__16.0.1-010"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Email Gateway \u003c15.5.3-022",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway \u003c15.5.3-022",
                  "product_id": "T040828"
                }
              },
              {
                "category": "product_version",
                "name": "Email Gateway 15.5.3-022",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway 15.5.3-022",
                  "product_id": "T040828-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_gateway__15.5.3-022"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Email Gateway \u003c16.0.1-017",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway \u003c16.0.1-017",
                  "product_id": "T040829"
                }
              },
              {
                "category": "product_version",
                "name": "Email Gateway 16.0.1-017",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway 16.0.1-017",
                  "product_id": "T040829-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_gateway__16.0.1-017"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Web Appliance \u003c15.2.2-009",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance \u003c15.2.2-009",
                  "product_id": "T040830"
                }
              },
              {
                "category": "product_version",
                "name": "Web Appliance 15.2.2-009",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance 15.2.2-009",
                  "product_id": "T040830-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:web_appliance__15.2.2-009"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Web Appliance \u003c15.0.1-004",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance \u003c15.0.1-004",
                  "product_id": "T040837"
                }
              },
              {
                "category": "product_version",
                "name": "Web Appliance 15.0.1-004",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance 15.0.1-004",
                  "product_id": "T040837-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:web_appliance__15.0.1-004"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Web Appliance \u003c15.2.1-011",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance \u003c15.2.1-011",
                  "product_id": "T040838"
                }
              },
              {
                "category": "product_version",
                "name": "Web Appliance 15.2.1-011",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance 15.2.1-011",
                  "product_id": "T040838-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:web_appliance__15.2.1-011"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "AsyncOS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c15.0.3-002",
                "product": {
                  "name": "Cisco Secure Email Gateway \u003c15.0.3-002",
                  "product_id": "T040832"
                }
              },
              {
                "category": "product_version",
                "name": "15.0.3-002",
                "product": {
                  "name": "Cisco Secure Email Gateway 15.0.3-002",
                  "product_id": "T040832-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_email_gateway:15.0.3-002"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c15.5.2-018",
                "product": {
                  "name": "Cisco Secure Email Gateway \u003c15.5.2-018",
                  "product_id": "T040833"
                }
              },
              {
                "category": "product_version",
                "name": "15.5.2-018",
                "product": {
                  "name": "Cisco Secure Email Gateway 15.5.2-018",
                  "product_id": "T040833-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_email_gateway:15.5.2-018"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.0.0-050",
                "product": {
                  "name": "Cisco Secure Email Gateway \u003c16.0.0-050",
                  "product_id": "T040834"
                }
              },
              {
                "category": "product_version",
                "name": "16.0.0-050",
                "product": {
                  "name": "Cisco Secure Email Gateway 16.0.0-050",
                  "product_id": "T040834-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_email_gateway:16.0.0-050"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Email Gateway"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c15.0.1-004",
                "product": {
                  "name": "Cisco Secure Web Appliance \u003c15.0.1-004",
                  "product_id": "T040835"
                }
              },
              {
                "category": "product_version",
                "name": "15.0.1-004",
                "product": {
                  "name": "Cisco Secure Web Appliance 15.0.1-004",
                  "product_id": "T040835-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_web_appliance:15.0.1-004"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c15.2.1-010",
                "product": {
                  "name": "Cisco Secure Web Appliance \u003c15.2.1-010",
                  "product_id": "T040836"
                }
              },
              {
                "category": "product_version",
                "name": "15.2.1-010",
                "product": {
                  "name": "Cisco Secure Web Appliance 15.2.1-010",
                  "product_id": "T040836-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_web_appliance:15.2.1-010"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Web Appliance"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20184",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die unzureichende Validierung von XML-Konfigurationsdateien erm\u00f6glicht die Einspeisung von Befehlen durch das Hochladen einer manipulierten XML-Konfigurationsdatei. Ein entfernter, authentisierter Angreifer mit administrativen Anmeldedaten kann diese Schwachstelle ausnutzen, um Befehle mit Root-Rechten in das zugrunde liegende Betriebssystem einzuschleusen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040829",
          "T040828",
          "T040834",
          "T040832",
          "T040830"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20184"
    },
    {
      "cve": "CVE-2025-20185",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Email and Web Manager, Cisco Secure Email Gateway und Cisco Secure Web Appliance. Aufgrund eines Architekturfehlers im Algorithmus zur Generierung von Passw\u00f6rtern f\u00fcr die Fernzugriffsfunktionalit\u00e4t kann ein tempor\u00e4res Passwort f\u00fcr das Dienstkonto generiert werden. Ein entfernter, authentisierter Angreifer mit administrativen Berechtigungen kann diese Schwachstelle ausnutzen, um Root-Rechte zu erlangen, beliebige Befehle als Root auszuf\u00fchren und Zugriff auf das zugrunde liegende Betriebssystem zu erhalten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040829",
          "T040828",
          "T040838",
          "T040827",
          "T040837",
          "T040826",
          "T040836",
          "T040835",
          "T040834",
          "T040833",
          "T040832",
          "T040830"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20185"
    },
    {
      "cve": "CVE-2025-20180",
      "notes": [
        {
          "category": "description",
          "text": "In der Cisco AsyncOS Software f\u00fcr Cisco Secure Email and Web Manager und Secure Email Gateway wurde eine Cross-Site Scripting Schwachstelle entdeckt. Dieses Problem wird durch eine unsachgem\u00e4\u00dfe Filterung der vom Benutzer eingegebenen Daten in der webbasierten Verwaltungsschnittstelle verursacht, bevor die Eingaben angezeigt werden. Ein entfernter, authentisierter Angreifer mit mindestens der Operator-Rolle kann diese Schwachstelle ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, bei der das Opfer einer betroffenen Schnittstelle auf einen manipulierten Link klicken muss."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040829",
          "T040828",
          "T040827",
          "T040826",
          "T040834",
          "T040833",
          "T040832"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20180"
    },
    {
      "cve": "CVE-2025-20183",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Web Appliance. Die Schwachstelle betrifft die richtlinienbasierte Cisco Application Visibility and Control (AVC)-Implementierung aufgrund der unsachgem\u00e4\u00dfen Behandlung eines manipulierten Range Request Headers. Durch das Senden einer HTTP-Anfrage mit einem manipulierten Range-Request-Header kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um den Antiviren-Scanner zu umgehen und Malware unbemerkt auf den Endpunkt zu laden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040838",
          "T040837",
          "T040836",
          "T040835"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20183"
    },
    {
      "cve": "CVE-2025-20207",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die Schwachstelle betrifft das Simple Network Management Protocol (SNMP) Polling, da kein ausreichender Schutz f\u00fcr vertrauliche Informationen in SNMP-Polling-Antworten vorhanden ist. Ein entfernt authentisierter Angreifer mit konfigurierten SNMP-Anmeldeinformationen kann diese Schwachstelle ausnutzen, um vertrauliche Informationen \u00fcber das zugrundeliegende Betriebssystem preiszugeben."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040836",
          "T040835",
          "T040834",
          "T040833",
          "T040832"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20207"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-20207 (GCVE-0-2025-20207)

BDU:2025-01895

CISCO-SA-ESA-SMA-WSA-SNMP-INF-FQPVL8SX

FKIE_CVE-2025-20207

GHSA-W3CF-QCR3-6PPG

WID-SEC-W-2025-0276

Tags

Sightings

Nomenclature