cvelistv5 - cve-2025-20207

CVE-2025-20207 (GCVE-0-2025-20207)

Vulnerability from cvelistv5 – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57

Summary

A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

Vendor

Product

Version

Cisco

Cisco Secure Email

Affected: 14.0.0-698
Affected: 13.5.1-277
Affected: 13.0.0-392
Affected: 14.2.0-620
Affected: 13.0.5-007
Affected: 13.5.4-038
Affected: 14.2.1-020
Affected: 14.3.0-032
Affected: 15.0.0-104
Affected: 15.0.1-030
Affected: 15.5.0-048
Affected: 15.5.1-055

	Cisco	Cisco Secure Email and Web Manager	Affected: 13.6.2-023 Affected: 13.6.2-078 Affected: 13.0.0-249 Affected: 13.0.0-277 Affected: 13.8.1-052 Affected: 13.8.1-068 Affected: 13.8.1-074 Affected: 14.0.0-404 Affected: 12.8.1-002 Affected: 14.1.0-227 Affected: 13.6.1-201 Affected: 14.2.0-203 Affected: 14.2.0-212 Affected: 12.8.1-021 Affected: 13.8.1-108 Affected: 14.2.0-224 Affected: 14.3.0-120 Affected: 15.0.0-334 Affected: 15.5.1-024 Affected: 15.5.1-029
	Cisco	Cisco Secure Web Appliance	Affected: 11.8.0-453 Affected: 12.5.3-002 Affected: 12.0.3-007 Affected: 12.0.3-005 Affected: 14.1.0-032 Affected: 14.1.0-047 Affected: 14.1.0-041 Affected: 12.0.4-002 Affected: 14.0.2-012 Affected: 11.8.0-414 Affected: 12.0.1-268 Affected: 11.8.1-023 Affected: 11.8.3-021 Affected: 11.8.3-018 Affected: 12.5.1-011 Affected: 11.8.4-004 Affected: 12.5.2-007 Affected: 12.5.2-011 Affected: 14.5.0-498 Affected: 12.5.4-005 Affected: 12.5.4-011 Affected: 12.0.5-011 Affected: 14.0.3-014 Affected: 12.5.5-004 Affected: 12.5.5-005 Affected: 12.5.5-008 Affected: 14.0.4-005 Affected: 14.5.1-008 Affected: 14.5.1-016 Affected: 15.0.0-355 Affected: 15.0.0-322 Affected: 12.5.6-008 Affected: 15.1.0-287 Affected: 14.5.2-011 Affected: 15.2.0-116 Affected: 14.0.5-007 Affected: 15.2.0-164 Affected: 14.5.1-510 Affected: 12.0.2-012 Affected: 12.0.2-004 Affected: 14.5.1-607 Affected: 14.5.3-033 Affected: 12.0.1-334 Affected: 14.0.1-503 Affected: 14.0.1-053 Affected: 11.8.0-429 Affected: 14.0.1-040 Affected: 14.0.1-014 Affected: 12.5.1-043

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20207",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T16:57:37.294661Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T16:57:53.809Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Secure Email",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "14.0.0-698"
            },
            {
              "status": "affected",
              "version": "13.5.1-277"
            },
            {
              "status": "affected",
              "version": "13.0.0-392"
            },
            {
              "status": "affected",
              "version": "14.2.0-620"
            },
            {
              "status": "affected",
              "version": "13.0.5-007"
            },
            {
              "status": "affected",
              "version": "13.5.4-038"
            },
            {
              "status": "affected",
              "version": "14.2.1-020"
            },
            {
              "status": "affected",
              "version": "14.3.0-032"
            },
            {
              "status": "affected",
              "version": "15.0.0-104"
            },
            {
              "status": "affected",
              "version": "15.0.1-030"
            },
            {
              "status": "affected",
              "version": "15.5.0-048"
            },
            {
              "status": "affected",
              "version": "15.5.1-055"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Secure Email and Web Manager",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "13.6.2-023"
            },
            {
              "status": "affected",
              "version": "13.6.2-078"
            },
            {
              "status": "affected",
              "version": "13.0.0-249"
            },
            {
              "status": "affected",
              "version": "13.0.0-277"
            },
            {
              "status": "affected",
              "version": "13.8.1-052"
            },
            {
              "status": "affected",
              "version": "13.8.1-068"
            },
            {
              "status": "affected",
              "version": "13.8.1-074"
            },
            {
              "status": "affected",
              "version": "14.0.0-404"
            },
            {
              "status": "affected",
              "version": "12.8.1-002"
            },
            {
              "status": "affected",
              "version": "14.1.0-227"
            },
            {
              "status": "affected",
              "version": "13.6.1-201"
            },
            {
              "status": "affected",
              "version": "14.2.0-203"
            },
            {
              "status": "affected",
              "version": "14.2.0-212"
            },
            {
              "status": "affected",
              "version": "12.8.1-021"
            },
            {
              "status": "affected",
              "version": "13.8.1-108"
            },
            {
              "status": "affected",
              "version": "14.2.0-224"
            },
            {
              "status": "affected",
              "version": "14.3.0-120"
            },
            {
              "status": "affected",
              "version": "15.0.0-334"
            },
            {
              "status": "affected",
              "version": "15.5.1-024"
            },
            {
              "status": "affected",
              "version": "15.5.1-029"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Secure Web Appliance",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "11.8.0-453"
            },
            {
              "status": "affected",
              "version": "12.5.3-002"
            },
            {
              "status": "affected",
              "version": "12.0.3-007"
            },
            {
              "status": "affected",
              "version": "12.0.3-005"
            },
            {
              "status": "affected",
              "version": "14.1.0-032"
            },
            {
              "status": "affected",
              "version": "14.1.0-047"
            },
            {
              "status": "affected",
              "version": "14.1.0-041"
            },
            {
              "status": "affected",
              "version": "12.0.4-002"
            },
            {
              "status": "affected",
              "version": "14.0.2-012"
            },
            {
              "status": "affected",
              "version": "11.8.0-414"
            },
            {
              "status": "affected",
              "version": "12.0.1-268"
            },
            {
              "status": "affected",
              "version": "11.8.1-023"
            },
            {
              "status": "affected",
              "version": "11.8.3-021"
            },
            {
              "status": "affected",
              "version": "11.8.3-018"
            },
            {
              "status": "affected",
              "version": "12.5.1-011"
            },
            {
              "status": "affected",
              "version": "11.8.4-004"
            },
            {
              "status": "affected",
              "version": "12.5.2-007"
            },
            {
              "status": "affected",
              "version": "12.5.2-011"
            },
            {
              "status": "affected",
              "version": "14.5.0-498"
            },
            {
              "status": "affected",
              "version": "12.5.4-005"
            },
            {
              "status": "affected",
              "version": "12.5.4-011"
            },
            {
              "status": "affected",
              "version": "12.0.5-011"
            },
            {
              "status": "affected",
              "version": "14.0.3-014"
            },
            {
              "status": "affected",
              "version": "12.5.5-004"
            },
            {
              "status": "affected",
              "version": "12.5.5-005"
            },
            {
              "status": "affected",
              "version": "12.5.5-008"
            },
            {
              "status": "affected",
              "version": "14.0.4-005"
            },
            {
              "status": "affected",
              "version": "14.5.1-008"
            },
            {
              "status": "affected",
              "version": "14.5.1-016"
            },
            {
              "status": "affected",
              "version": "15.0.0-355"
            },
            {
              "status": "affected",
              "version": "15.0.0-322"
            },
            {
              "status": "affected",
              "version": "12.5.6-008"
            },
            {
              "status": "affected",
              "version": "15.1.0-287"
            },
            {
              "status": "affected",
              "version": "14.5.2-011"
            },
            {
              "status": "affected",
              "version": "15.2.0-116"
            },
            {
              "status": "affected",
              "version": "14.0.5-007"
            },
            {
              "status": "affected",
              "version": "15.2.0-164"
            },
            {
              "status": "affected",
              "version": "14.5.1-510"
            },
            {
              "status": "affected",
              "version": "12.0.2-012"
            },
            {
              "status": "affected",
              "version": "12.0.2-004"
            },
            {
              "status": "affected",
              "version": "14.5.1-607"
            },
            {
              "status": "affected",
              "version": "14.5.3-033"
            },
            {
              "status": "affected",
              "version": "12.0.1-334"
            },
            {
              "status": "affected",
              "version": "14.0.1-503"
            },
            {
              "status": "affected",
              "version": "14.0.1-053"
            },
            {
              "status": "affected",
              "version": "11.8.0-429"
            },
            {
              "status": "affected",
              "version": "14.0.1-040"
            },
            {
              "status": "affected",
              "version": "14.0.1-014"
            },
            {
              "status": "affected",
              "version": "12.5.1-043"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-05T16:15:06.012Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
        }
      ],
      "source": {
        "advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
        "defects": [
          "CSCwk60819"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20207",
    "datePublished": "2025-02-05T16:15:06.012Z",
    "dateReserved": "2024-10-10T19:15:13.230Z",
    "dateUpdated": "2025-02-05T16:57:53.809Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-20207\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-02-05T17:15:26.410\",\"lastModified\":\"2025-02-05T17:15:26.410\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\\r\\n\\r\\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el sondeo de Simple Network Management Protocol (SNMP) para Cisco Secure Email and Web Manager, Cisco Secure Email Gateway y Cisco Secure Web Appliance podr\u00eda permitir que un atacante remoto autenticado obtenga informaci\u00f3n confidencial sobre el sistema operativo subyacente. Esta vulnerabilidad existe porque los dispositivos no protegen la informaci\u00f3n confidencial en reposo en respuesta a las solicitudes de sondeo SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud de sondeo SNMP manipulada al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante descubrir informaci\u00f3n confidencial que deber\u00eda estar restringida. Para aprovechar esta vulnerabilidad, un atacante debe tener las credenciales SNMP configuradas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\",\"source\":\"psirt@cisco.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20207\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-05T16:57:37.294661Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-05T16:57:47.207Z\"}}], \"cna\": {\"title\": \"Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability\", \"source\": {\"defects\": [\"CSCwk60819\"], \"advisory\": \"cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Email\", \"versions\": [{\"status\": \"affected\", \"version\": \"14.0.0-698\"}, {\"status\": \"affected\", \"version\": \"13.5.1-277\"}, {\"status\": \"affected\", \"version\": \"13.0.0-392\"}, {\"status\": \"affected\", \"version\": \"14.2.0-620\"}, {\"status\": \"affected\", \"version\": \"13.0.5-007\"}, {\"status\": \"affected\", \"version\": \"13.5.4-038\"}, {\"status\": \"affected\", \"version\": \"14.2.1-020\"}, {\"status\": \"affected\", \"version\": \"14.3.0-032\"}, {\"status\": \"affected\", \"version\": \"15.0.0-104\"}, {\"status\": \"affected\", \"version\": \"15.0.1-030\"}, {\"status\": \"affected\", \"version\": \"15.5.0-048\"}, {\"status\": \"affected\", \"version\": \"15.5.1-055\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Email and Web Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"13.6.2-023\"}, {\"status\": \"affected\", \"version\": \"13.6.2-078\"}, {\"status\": \"affected\", \"version\": \"13.0.0-249\"}, {\"status\": \"affected\", \"version\": \"13.0.0-277\"}, {\"status\": \"affected\", \"version\": \"13.8.1-052\"}, {\"status\": \"affected\", \"version\": \"13.8.1-068\"}, {\"status\": \"affected\", \"version\": \"13.8.1-074\"}, {\"status\": \"affected\", \"version\": \"14.0.0-404\"}, {\"status\": \"affected\", \"version\": \"12.8.1-002\"}, {\"status\": \"affected\", \"version\": \"14.1.0-227\"}, {\"status\": \"affected\", \"version\": \"13.6.1-201\"}, {\"status\": \"affected\", \"version\": \"14.2.0-203\"}, {\"status\": \"affected\", \"version\": \"14.2.0-212\"}, {\"status\": \"affected\", \"version\": \"12.8.1-021\"}, {\"status\": \"affected\", \"version\": \"13.8.1-108\"}, {\"status\": \"affected\", \"version\": \"14.2.0-224\"}, {\"status\": \"affected\", \"version\": \"14.3.0-120\"}, {\"status\": \"affected\", \"version\": \"15.0.0-334\"}, {\"status\": \"affected\", \"version\": \"15.5.1-024\"}, {\"status\": \"affected\", \"version\": \"15.5.1-029\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Secure Web Appliance\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.8.0-453\"}, {\"status\": \"affected\", \"version\": \"12.5.3-002\"}, {\"status\": \"affected\", \"version\": \"12.0.3-007\"}, {\"status\": \"affected\", \"version\": \"12.0.3-005\"}, {\"status\": \"affected\", \"version\": \"14.1.0-032\"}, {\"status\": \"affected\", \"version\": \"14.1.0-047\"}, {\"status\": \"affected\", \"version\": \"14.1.0-041\"}, {\"status\": \"affected\", \"version\": \"12.0.4-002\"}, {\"status\": \"affected\", \"version\": \"14.0.2-012\"}, {\"status\": \"affected\", \"version\": \"11.8.0-414\"}, {\"status\": \"affected\", \"version\": \"12.0.1-268\"}, {\"status\": \"affected\", \"version\": \"11.8.1-023\"}, {\"status\": \"affected\", \"version\": \"11.8.3-021\"}, {\"status\": \"affected\", \"version\": \"11.8.3-018\"}, {\"status\": \"affected\", \"version\": \"12.5.1-011\"}, {\"status\": \"affected\", \"version\": \"11.8.4-004\"}, {\"status\": \"affected\", \"version\": \"12.5.2-007\"}, {\"status\": \"affected\", \"version\": \"12.5.2-011\"}, {\"status\": \"affected\", \"version\": \"14.5.0-498\"}, {\"status\": \"affected\", \"version\": \"12.5.4-005\"}, {\"status\": \"affected\", \"version\": \"12.5.4-011\"}, {\"status\": \"affected\", \"version\": \"12.0.5-011\"}, {\"status\": \"affected\", \"version\": \"14.0.3-014\"}, {\"status\": \"affected\", \"version\": \"12.5.5-004\"}, {\"status\": \"affected\", \"version\": \"12.5.5-005\"}, {\"status\": \"affected\", \"version\": \"12.5.5-008\"}, {\"status\": \"affected\", \"version\": \"14.0.4-005\"}, {\"status\": \"affected\", \"version\": \"14.5.1-008\"}, {\"status\": \"affected\", \"version\": \"14.5.1-016\"}, {\"status\": \"affected\", \"version\": \"15.0.0-355\"}, {\"status\": \"affected\", \"version\": \"15.0.0-322\"}, {\"status\": \"affected\", \"version\": \"12.5.6-008\"}, {\"status\": \"affected\", \"version\": \"15.1.0-287\"}, {\"status\": \"affected\", \"version\": \"14.5.2-011\"}, {\"status\": \"affected\", \"version\": \"15.2.0-116\"}, {\"status\": \"affected\", \"version\": \"14.0.5-007\"}, {\"status\": \"affected\", \"version\": \"15.2.0-164\"}, {\"status\": \"affected\", \"version\": \"14.5.1-510\"}, {\"status\": \"affected\", \"version\": \"12.0.2-012\"}, {\"status\": \"affected\", \"version\": \"12.0.2-004\"}, {\"status\": \"affected\", \"version\": \"14.5.1-607\"}, {\"status\": \"affected\", \"version\": \"14.5.3-033\"}, {\"status\": \"affected\", \"version\": \"12.0.1-334\"}, {\"status\": \"affected\", \"version\": \"14.0.1-503\"}, {\"status\": \"affected\", \"version\": \"14.0.1-053\"}, {\"status\": \"affected\", \"version\": \"11.8.0-429\"}, {\"status\": \"affected\", \"version\": \"14.0.1-040\"}, {\"status\": \"affected\", \"version\": \"14.0.1-014\"}, {\"status\": \"affected\", \"version\": \"12.5.1-043\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\", \"name\": \"cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\\r\\n\\r\\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-200\", \"description\": \"Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-02-05T16:15:06.012Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-20207\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-05T16:57:53.809Z\", \"dateReserved\": \"2024-10-10T19:15:13.230Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-02-05T16:15:06.012Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-W3CF-QCR3-6PPG

Vulnerability from github – Published: 2025-02-05 18:34 – Updated: 2025-02-05 18:34

Details

This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-20207"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-05T17:15:26Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\n\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.",
  "id": "GHSA-w3cf-qcr3-6ppg",
  "modified": "2025-02-05T18:34:45Z",
  "published": "2025-02-05T18:34:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20207"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CISCO-SA-ESA-SMA-WSA-SNMP-INF-FQPVL8SX

Vulnerability from csaf_cisco - Published: 2025-02-05 16:00 - Updated: 2025-02-05 16:00

Summary

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance SNMP Polling Information Disclosure Vulnerability

Notes

Summary

Vulnerable Products

At the time of publication, this vulnerability affected the following Cisco products if they had SNMP enabled: Secure Email and Web Manager Secure Email Gateway Secure Web Appliance Note: SNMP is not enabled by default on these products. For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software ["#fs"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Determine Whether SNMP Is Enabled To determine whether SNMP is enabled on a device, connect to the device using SSH and run the snmpconfig command. The following example shows the output of this command on a device that has SNMP configured: ESA> snmpconfig Current SNMP settings: Listening on interface "Management" 10.10.10.10/27 port 161. SNMP v3: Enabled. Security level: authPriv Authentication Protocol: SHA [...] The following example shows the output of this command on a device that does not have SNMP configured: ESA> snmpconfig Current SNMP settings: SNMP Disabled. Note: The preceding examples show the output of this command on Cisco Secure Email Gateway. The output for the command on the other affected products is almost identical.

Products Confirmed Not Vulnerable

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.

Workarounds

There are no workarounds that address this vulnerability.

Fixed Software

When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases At the time of publication, the release information in the following tables was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability that is described in this advisory and which release included the fix for this vulnerability. Cisco Secure Email and Web Manager Release First Fixed Release 15.5 and earlier 15.5.2-005 16.0 16.0.0-195 Cisco Secure Email Gateway Release First Fixed Release 15.0 and earlier 15.0.3-002 15.5 15.5.2-018 16.0 16.0.0-050 Cisco Secure Web Appliance Release First Fixed Release 15.0 and earlier 15.0.1-004 15.1 Migrate to a fixed release. 15.2 15.2.1-010 In most cases, the software can be upgraded over the network by using the System Upgrade options in the web-based management interface of the appliance. To upgrade a device by using the web-based management interface, do the following: Choose System Administration > System Upgrade. Click Upgrade Options. Click Download and Install. Choose a release to upgrade to. In the Upgrade Preparation area, choose the appropriate options. Click Proceed to begin the upgrade. A progress bar displays the status of the upgrade. After the upgrade is complete, the device reboots. Cisco Secure Email Cloud includes Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices as part of the service solution. Cisco provides regular maintenance of the products included in this solution. Customers can also request a software upgrade by contacting the Cisco TAC. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

This vulnerability was found during internal security testing.

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during internal security testing."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "At the time of publication, this vulnerability affected the following Cisco products if they had SNMP enabled:\r\n\r\nSecure Email and Web Manager\r\nSecure Email Gateway\r\nSecure Web Appliance\r\n\r\nNote: SNMP is not enabled by default on these products.\r\n\r\nFor information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software [\"#fs\"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n  Determine Whether SNMP Is Enabled\r\nTo determine whether SNMP is enabled on a device, connect to the device using SSH and run the snmpconfig command.\r\n\r\nThe following example shows the output of this command on a device that has SNMP configured:\r\n\r\n\r\nESA\u003e snmpconfig\r\nCurrent SNMP settings:\r\nListening on interface \"Management\" 10.10.10.10/27 port 161.\r\nSNMP v3: Enabled. Security level: authPriv\r\nAuthentication Protocol: SHA\r\n[...]\r\n\r\nThe following example shows the output of this command on a device that does not have SNMP configured:\r\n\r\n\r\nESA\u003e snmpconfig\r\nCurrent SNMP settings:\r\nSNMP Disabled.\r\n\r\nNote: The preceding examples show the output of this command on Cisco Secure Email Gateway. The output for the command on the other affected products is almost identical.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n      Fixed Releases\r\nAt the time of publication, the release information in the following tables was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n\r\nThe left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability that is described in this advisory and which release included the fix for this vulnerability.\r\n        Cisco Secure Email and Web Manager Release  First Fixed Release          15.5 and earlier  15.5.2-005      16.0  16.0.0-195\r\n         Cisco Secure Email Gateway Release  First Fixed Release          15.0 and earlier  15.0.3-002      15.5  15.5.2-018      16.0  16.0.0-050\r\n         Cisco Secure Web Appliance Release  First Fixed Release          15.0 and earlier  15.0.1-004      15.1  Migrate to a fixed release.      15.2  15.2.1-010\r\nIn most cases, the software can be upgraded over the network by using the System Upgrade options in the web-based management interface of the appliance. To upgrade a device by using the web-based management interface, do the following:\r\n\r\nChoose System Administration \u003e System Upgrade.\r\nClick Upgrade Options.\r\nClick Download and Install.\r\nChoose a release to upgrade to.\r\nIn the Upgrade Preparation area, choose the appropriate options.\r\nClick Proceed to begin the upgrade. A progress bar displays the status of the upgrade.\r\n\r\nAfter the upgrade is complete, the device reboots.\r\n\r\nCisco Secure Email Cloud includes Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices as part of the service solution. Cisco provides regular maintenance of the products included in this solution. Customers can also request a software upgrade by contacting the Cisco TAC.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "This vulnerability was found during internal security testing.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance SNMP Polling Information Disclosure Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "considering software upgrades",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance SNMP Polling Information Disclosure Vulnerability",
    "tracking": {
      "current_release_date": "2025-02-05T16:00:00+00:00",
      "generator": {
        "date": "2025-02-05T16:00:43+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
      "initial_release_date": "2025-02-05T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2025-02-05T15:57:24+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_family",
            "name": "Cisco Secure Web Appliance",
            "product": {
              "name": "Cisco Secure Web Appliance ",
              "product_id": "CSAFPID-189789"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco Secure Email",
            "product": {
              "name": "Cisco Secure Email ",
              "product_id": "CSAFPID-189790"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco Secure Email and Web Manager",
            "product": {
              "name": "Cisco Secure Email and Web Manager ",
              "product_id": "CSAFPID-189791"
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20207",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwk56452"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwk56456"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwk60819"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-189790",
          "CSAFPID-189791",
          "CSAFPID-189789"
        ]
      },
      "release_date": "2025-02-05T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-189791",
            "CSAFPID-189789",
            "CSAFPID-189790"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-189790",
            "CSAFPID-189791",
            "CSAFPID-189789"
          ]
        }
      ],
      "title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
    }
  ]
}

WID-SEC-W-2025-0276

Vulnerability from csaf_certbund - Published: 2025-02-05 23:00 - Updated: 2025-02-05 23:00

Summary

Cisco AsyncOS, Secure Email Gateway und Secure Web Appliance: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Cisco AsyncOS ist ein Betriebssystem für Cisco Appliances. Das Cisco Secure Email Gateway ist eine Sicherheitslösung zum Schutz der E-Mail Kommunikation. Cisco Secure Web Appliance (ehem. Cisco Web Security) bietet einen on-premise Web Proxy mit Schutz vor vielen Bedrohungen.

Angriff

Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Cisco AsyncOS, Cisco Secure Email Gateway und Cisco Secure Web Appliance ausnutzen, um beliebigen Code mit Administratorrechten auszuführen, Root-Rechte zu erlangen, vertrauliche Informationen preiszugeben, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.

Betroffene Betriebssysteme

- CISCO Appliance

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Cisco AsyncOS ist ein Betriebssystem f\u00fcr Cisco Appliances.\r\nDas Cisco Secure Email Gateway ist eine Sicherheitsl\u00f6sung zum Schutz der E-Mail Kommunikation.\r\nCisco Secure Web Appliance (ehem. Cisco Web Security) bietet einen on-premise Web Proxy mit Schutz vor vielen Bedrohungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Cisco AsyncOS, Cisco Secure Email Gateway und Cisco Secure Web Appliance ausnutzen, um beliebigen Code mit Administratorrechten auszuf\u00fchren, Root-Rechte zu erlangen, vertrauliche Informationen preiszugeben, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- CISCO Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0276 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0276.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0276 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0276"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-esa-sma-wsa-multi-yKUJhS34 vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-esa-sma-xss-WCk2WcuG vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory cisco-sa-swa-range-bypass-2BsEHYSu vom 2025-02-05",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu"
      }
    ],
    "source_lang": "en-US",
    "title": "Cisco AsyncOS, Secure Email Gateway und Secure Web Appliance: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-02-05T23:00:00.000+00:00",
      "generator": {
        "date": "2025-02-06T10:05:04.286+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0276",
      "initial_release_date": "2025-02-05T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-02-05T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Email and Web Manager \u003c15.5.3-017",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager \u003c15.5.3-017",
                  "product_id": "T040826"
                }
              },
              {
                "category": "product_version",
                "name": "Email and Web Manager 15.5.3-017",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager 15.5.3-017",
                  "product_id": "T040826-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_and_web_manager__15.5.3-017"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Email and Web Manager \u003c16.0.1-010",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager \u003c16.0.1-010",
                  "product_id": "T040827"
                }
              },
              {
                "category": "product_version",
                "name": "Email and Web Manager 16.0.1-010",
                "product": {
                  "name": "Cisco AsyncOS Email and Web Manager 16.0.1-010",
                  "product_id": "T040827-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_and_web_manager__16.0.1-010"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Email Gateway \u003c15.5.3-022",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway \u003c15.5.3-022",
                  "product_id": "T040828"
                }
              },
              {
                "category": "product_version",
                "name": "Email Gateway 15.5.3-022",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway 15.5.3-022",
                  "product_id": "T040828-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_gateway__15.5.3-022"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Email Gateway \u003c16.0.1-017",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway \u003c16.0.1-017",
                  "product_id": "T040829"
                }
              },
              {
                "category": "product_version",
                "name": "Email Gateway 16.0.1-017",
                "product": {
                  "name": "Cisco AsyncOS Email Gateway 16.0.1-017",
                  "product_id": "T040829-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:email_gateway__16.0.1-017"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Web Appliance \u003c15.2.2-009",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance \u003c15.2.2-009",
                  "product_id": "T040830"
                }
              },
              {
                "category": "product_version",
                "name": "Web Appliance 15.2.2-009",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance 15.2.2-009",
                  "product_id": "T040830-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:web_appliance__15.2.2-009"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Web Appliance \u003c15.0.1-004",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance \u003c15.0.1-004",
                  "product_id": "T040837"
                }
              },
              {
                "category": "product_version",
                "name": "Web Appliance 15.0.1-004",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance 15.0.1-004",
                  "product_id": "T040837-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:web_appliance__15.0.1-004"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Web Appliance \u003c15.2.1-011",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance \u003c15.2.1-011",
                  "product_id": "T040838"
                }
              },
              {
                "category": "product_version",
                "name": "Web Appliance 15.2.1-011",
                "product": {
                  "name": "Cisco AsyncOS Web Appliance 15.2.1-011",
                  "product_id": "T040838-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:cisco:asyncos:web_appliance__15.2.1-011"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "AsyncOS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c15.0.3-002",
                "product": {
                  "name": "Cisco Secure Email Gateway \u003c15.0.3-002",
                  "product_id": "T040832"
                }
              },
              {
                "category": "product_version",
                "name": "15.0.3-002",
                "product": {
                  "name": "Cisco Secure Email Gateway 15.0.3-002",
                  "product_id": "T040832-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_email_gateway:15.0.3-002"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c15.5.2-018",
                "product": {
                  "name": "Cisco Secure Email Gateway \u003c15.5.2-018",
                  "product_id": "T040833"
                }
              },
              {
                "category": "product_version",
                "name": "15.5.2-018",
                "product": {
                  "name": "Cisco Secure Email Gateway 15.5.2-018",
                  "product_id": "T040833-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_email_gateway:15.5.2-018"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c16.0.0-050",
                "product": {
                  "name": "Cisco Secure Email Gateway \u003c16.0.0-050",
                  "product_id": "T040834"
                }
              },
              {
                "category": "product_version",
                "name": "16.0.0-050",
                "product": {
                  "name": "Cisco Secure Email Gateway 16.0.0-050",
                  "product_id": "T040834-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_email_gateway:16.0.0-050"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Email Gateway"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c15.0.1-004",
                "product": {
                  "name": "Cisco Secure Web Appliance \u003c15.0.1-004",
                  "product_id": "T040835"
                }
              },
              {
                "category": "product_version",
                "name": "15.0.1-004",
                "product": {
                  "name": "Cisco Secure Web Appliance 15.0.1-004",
                  "product_id": "T040835-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_web_appliance:15.0.1-004"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c15.2.1-010",
                "product": {
                  "name": "Cisco Secure Web Appliance \u003c15.2.1-010",
                  "product_id": "T040836"
                }
              },
              {
                "category": "product_version",
                "name": "15.2.1-010",
                "product": {
                  "name": "Cisco Secure Web Appliance 15.2.1-010",
                  "product_id": "T040836-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:cisco:secure_web_appliance:15.2.1-010"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Web Appliance"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-20184",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die unzureichende Validierung von XML-Konfigurationsdateien erm\u00f6glicht die Einspeisung von Befehlen durch das Hochladen einer manipulierten XML-Konfigurationsdatei. Ein entfernter, authentisierter Angreifer mit administrativen Anmeldedaten kann diese Schwachstelle ausnutzen, um Befehle mit Root-Rechten in das zugrunde liegende Betriebssystem einzuschleusen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040829",
          "T040828",
          "T040834",
          "T040832",
          "T040830"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20184"
    },
    {
      "cve": "CVE-2025-20185",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Email and Web Manager, Cisco Secure Email Gateway und Cisco Secure Web Appliance. Aufgrund eines Architekturfehlers im Algorithmus zur Generierung von Passw\u00f6rtern f\u00fcr die Fernzugriffsfunktionalit\u00e4t kann ein tempor\u00e4res Passwort f\u00fcr das Dienstkonto generiert werden. Ein entfernter, authentisierter Angreifer mit administrativen Berechtigungen kann diese Schwachstelle ausnutzen, um Root-Rechte zu erlangen, beliebige Befehle als Root auszuf\u00fchren und Zugriff auf das zugrunde liegende Betriebssystem zu erhalten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040829",
          "T040828",
          "T040838",
          "T040827",
          "T040837",
          "T040826",
          "T040836",
          "T040835",
          "T040834",
          "T040833",
          "T040832",
          "T040830"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20185"
    },
    {
      "cve": "CVE-2025-20180",
      "notes": [
        {
          "category": "description",
          "text": "In der Cisco AsyncOS Software f\u00fcr Cisco Secure Email and Web Manager und Secure Email Gateway wurde eine Cross-Site Scripting Schwachstelle entdeckt. Dieses Problem wird durch eine unsachgem\u00e4\u00dfe Filterung der vom Benutzer eingegebenen Daten in der webbasierten Verwaltungsschnittstelle verursacht, bevor die Eingaben angezeigt werden. Ein entfernter, authentisierter Angreifer mit mindestens der Operator-Rolle kann diese Schwachstelle ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, bei der das Opfer einer betroffenen Schnittstelle auf einen manipulierten Link klicken muss."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040829",
          "T040828",
          "T040827",
          "T040826",
          "T040834",
          "T040833",
          "T040832"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20180"
    },
    {
      "cve": "CVE-2025-20183",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Cisco AsyncOS Software f\u00fcr Cisco Secure Web Appliance. Die Schwachstelle betrifft die richtlinienbasierte Cisco Application Visibility and Control (AVC)-Implementierung aufgrund der unsachgem\u00e4\u00dfen Behandlung eines manipulierten Range Request Headers. Durch das Senden einer HTTP-Anfrage mit einem manipulierten Range-Request-Header kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um den Antiviren-Scanner zu umgehen und Malware unbemerkt auf den Endpunkt zu laden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040838",
          "T040837",
          "T040836",
          "T040835"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20183"
    },
    {
      "cve": "CVE-2025-20207",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Cisco Secure Email Gateway und Cisco Secure Web Appliance. Die Schwachstelle betrifft das Simple Network Management Protocol (SNMP) Polling, da kein ausreichender Schutz f\u00fcr vertrauliche Informationen in SNMP-Polling-Antworten vorhanden ist. Ein entfernt authentisierter Angreifer mit konfigurierten SNMP-Anmeldeinformationen kann diese Schwachstelle ausnutzen, um vertrauliche Informationen \u00fcber das zugrundeliegende Betriebssystem preiszugeben."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040836",
          "T040835",
          "T040834",
          "T040833",
          "T040832"
        ]
      },
      "release_date": "2025-02-05T23:00:00.000+00:00",
      "title": "CVE-2025-20207"
    }
  ]
}

FKIE_CVE-2025-20207

Vulnerability from fkie_nvd - Published: 2025-02-05 17:15 - Updated: 2025-02-05 17:15

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el sondeo de Simple Network Management Protocol (SNMP) para Cisco Secure Email and Web Manager, Cisco Secure Email Gateway y Cisco Secure Web Appliance podr\u00eda permitir que un atacante remoto autenticado obtenga informaci\u00f3n confidencial sobre el sistema operativo subyacente. Esta vulnerabilidad existe porque los dispositivos no protegen la informaci\u00f3n confidencial en reposo en respuesta a las solicitudes de sondeo SNMP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud de sondeo SNMP manipulada al dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante descubrir informaci\u00f3n confidencial que deber\u00eda estar restringida. Para aprovechar esta vulnerabilidad, un atacante debe tener las credenciales SNMP configuradas."
    }
  ],
  "id": "CVE-2025-20207",
  "lastModified": "2025-02-05T17:15:26.410",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-05T17:15:26.410",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-20207 (GCVE-0-2025-20207)

GHSA-W3CF-QCR3-6PPG

CISCO-SA-ESA-SMA-WSA-SNMP-INF-FQPVL8SX

WID-SEC-W-2025-0276

FKIE_CVE-2025-20207

Tags

Sightings

Nomenclature