fkie_cve-2025-20185
Vulnerability from fkie_nvd
Published
2025-02-05 17:15
Modified
2025-02-05 17:15
Severity ?
3.4 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34
Impacted products
Vendor Product Version


To clipboard 

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system.\r\nNote: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad de acceso remoto de Cisco AsyncOS Software para Cisco Secure Email and Web Manager, Cisco Secure Email Gateway y Cisco Secure Web Appliance podría permitir que un atacante local autenticado eleve los privilegios a superusuario. El atacante debe autenticarse con credenciales de administrador válidas. Esta vulnerabilidad se debe a una falla arquitectónica en el algoritmo de generación de contraseñas para la funcionalidad de acceso remoto. Un atacante podría explotar esta vulnerabilidad generando una contraseña temporal para la cuenta de servicio. Una explotación exitosa podría permitir al atacante ejecutar comandos arbitrarios como superusuario y acceder al sistema operativo subyacente. Nota: La calificación de impacto de seguridad (SIR) para esta vulnerabilidad es media debido al alcance ilimitado de la información a la que puede acceder un atacante.",
      },
   ],
   id: "CVE-2025-20185",
   lastModified: "2025-02-05T17:15:25.883",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 3.4,
               baseSeverity: "LOW",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 2.5,
            source: "psirt@cisco.com",
            type: "Primary",
         },
      ],
   },
   published: "2025-02-05T17:15:25.883",
   references: [
      {
         source: "psirt@cisco.com",
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Awaiting Analysis",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-250",
            },
         ],
         source: "psirt@cisco.com",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.