Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-W3CF-QCR3-6PPG
Vulnerability from github – Published: 2025-02-05 18:34 – Updated: 2025-02-05 18:34
VLAI
Details
A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.
This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
Severity
4.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-20207"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-05T17:15:26Z",
"severity": "MODERATE"
},
"details": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\n\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.",
"id": "GHSA-w3cf-qcr3-6ppg",
"modified": "2025-02-05T18:34:45Z",
"published": "2025-02-05T18:34:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20207"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
CVE-2025-20207 (GCVE-0-2025-20207)
Vulnerability from cvelistv5 – Published: 2025-02-05 16:15 – Updated: 2025-02-05 16:57
VLAI
EPSS
Title
Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
Summary
A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.
This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Secure Email |
Affected:
14.0.0-698
Affected: 13.5.1-277 Affected: 13.0.0-392 Affected: 14.2.0-620 Affected: 13.0.5-007 Affected: 13.5.4-038 Affected: 14.2.1-020 Affected: 14.3.0-032 Affected: 15.0.0-104 Affected: 15.0.1-030 Affected: 15.5.0-048 Affected: 15.5.1-055 |
|
| Cisco | Cisco Secure Email and Web Manager |
Affected:
13.6.2-023
Affected: 13.6.2-078 Affected: 13.0.0-249 Affected: 13.0.0-277 Affected: 13.8.1-052 Affected: 13.8.1-068 Affected: 13.8.1-074 Affected: 14.0.0-404 Affected: 12.8.1-002 Affected: 14.1.0-227 Affected: 13.6.1-201 Affected: 14.2.0-203 Affected: 14.2.0-212 Affected: 12.8.1-021 Affected: 13.8.1-108 Affected: 14.2.0-224 Affected: 14.3.0-120 Affected: 15.0.0-334 Affected: 15.5.1-024 Affected: 15.5.1-029 |
|
| Cisco | Cisco Secure Web Appliance |
Affected:
11.8.0-453
Affected: 12.5.3-002 Affected: 12.0.3-007 Affected: 12.0.3-005 Affected: 14.1.0-032 Affected: 14.1.0-047 Affected: 14.1.0-041 Affected: 12.0.4-002 Affected: 14.0.2-012 Affected: 11.8.0-414 Affected: 12.0.1-268 Affected: 11.8.1-023 Affected: 11.8.3-021 Affected: 11.8.3-018 Affected: 12.5.1-011 Affected: 11.8.4-004 Affected: 12.5.2-007 Affected: 12.5.2-011 Affected: 14.5.0-498 Affected: 12.5.4-005 Affected: 12.5.4-011 Affected: 12.0.5-011 Affected: 14.0.3-014 Affected: 12.5.5-004 Affected: 12.5.5-005 Affected: 12.5.5-008 Affected: 14.0.4-005 Affected: 14.5.1-008 Affected: 14.5.1-016 Affected: 15.0.0-355 Affected: 15.0.0-322 Affected: 12.5.6-008 Affected: 15.1.0-287 Affected: 14.5.2-011 Affected: 15.2.0-116 Affected: 14.0.5-007 Affected: 15.2.0-164 Affected: 14.5.1-510 Affected: 12.0.2-012 Affected: 12.0.2-004 Affected: 14.5.1-607 Affected: 14.5.3-033 Affected: 12.0.1-334 Affected: 14.0.1-503 Affected: 14.0.1-053 Affected: 11.8.0-429 Affected: 14.0.1-040 Affected: 14.0.1-014 Affected: 12.5.1-043 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T16:57:37.294661Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:57:53.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14.0.0-698"
},
{
"status": "affected",
"version": "13.5.1-277"
},
{
"status": "affected",
"version": "13.0.0-392"
},
{
"status": "affected",
"version": "14.2.0-620"
},
{
"status": "affected",
"version": "13.0.5-007"
},
{
"status": "affected",
"version": "13.5.4-038"
},
{
"status": "affected",
"version": "14.2.1-020"
},
{
"status": "affected",
"version": "14.3.0-032"
},
{
"status": "affected",
"version": "15.0.0-104"
},
{
"status": "affected",
"version": "15.0.1-030"
},
{
"status": "affected",
"version": "15.5.0-048"
},
{
"status": "affected",
"version": "15.5.1-055"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email and Web Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "13.6.2-023"
},
{
"status": "affected",
"version": "13.6.2-078"
},
{
"status": "affected",
"version": "13.0.0-249"
},
{
"status": "affected",
"version": "13.0.0-277"
},
{
"status": "affected",
"version": "13.8.1-052"
},
{
"status": "affected",
"version": "13.8.1-068"
},
{
"status": "affected",
"version": "13.8.1-074"
},
{
"status": "affected",
"version": "14.0.0-404"
},
{
"status": "affected",
"version": "12.8.1-002"
},
{
"status": "affected",
"version": "14.1.0-227"
},
{
"status": "affected",
"version": "13.6.1-201"
},
{
"status": "affected",
"version": "14.2.0-203"
},
{
"status": "affected",
"version": "14.2.0-212"
},
{
"status": "affected",
"version": "12.8.1-021"
},
{
"status": "affected",
"version": "13.8.1-108"
},
{
"status": "affected",
"version": "14.2.0-224"
},
{
"status": "affected",
"version": "14.3.0-120"
},
{
"status": "affected",
"version": "15.0.0-334"
},
{
"status": "affected",
"version": "15.5.1-024"
},
{
"status": "affected",
"version": "15.5.1-029"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.8.0-453"
},
{
"status": "affected",
"version": "12.5.3-002"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.0.3-005"
},
{
"status": "affected",
"version": "14.1.0-032"
},
{
"status": "affected",
"version": "14.1.0-047"
},
{
"status": "affected",
"version": "14.1.0-041"
},
{
"status": "affected",
"version": "12.0.4-002"
},
{
"status": "affected",
"version": "14.0.2-012"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "11.8.4-004"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.2-011"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.4-011"
},
{
"status": "affected",
"version": "12.0.5-011"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "12.5.5-005"
},
{
"status": "affected",
"version": "12.5.5-008"
},
{
"status": "affected",
"version": "14.0.4-005"
},
{
"status": "affected",
"version": "14.5.1-008"
},
{
"status": "affected",
"version": "14.5.1-016"
},
{
"status": "affected",
"version": "15.0.0-355"
},
{
"status": "affected",
"version": "15.0.0-322"
},
{
"status": "affected",
"version": "12.5.6-008"
},
{
"status": "affected",
"version": "15.1.0-287"
},
{
"status": "affected",
"version": "14.5.2-011"
},
{
"status": "affected",
"version": "15.2.0-116"
},
{
"status": "affected",
"version": "14.0.5-007"
},
{
"status": "affected",
"version": "15.2.0-164"
},
{
"status": "affected",
"version": "14.5.1-510"
},
{
"status": "affected",
"version": "12.0.2-012"
},
{
"status": "affected",
"version": "12.0.2-004"
},
{
"status": "affected",
"version": "14.5.1-607"
},
{
"status": "affected",
"version": "14.5.3-033"
},
{
"status": "affected",
"version": "12.0.1-334"
},
{
"status": "affected",
"version": "14.0.1-503"
},
{
"status": "affected",
"version": "14.0.1-053"
},
{
"status": "affected",
"version": "11.8.0-429"
},
{
"status": "affected",
"version": "14.0.1-040"
},
{
"status": "affected",
"version": "14.0.1-014"
},
{
"status": "affected",
"version": "12.5.1-043"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system.\r\n\r\nThis vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the affected appliance. A successful exploit could allow the attacker to discover confidential information that should be restricted. To exploit this vulnerability, an attacker must have the configured SNMP credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T16:15:06.012Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX"
}
],
"source": {
"advisory": "cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX",
"defects": [
"CSCwk60819"
],
"discovery": "INTERNAL"
},
"title": "Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20207",
"datePublished": "2025-02-05T16:15:06.012Z",
"dateReserved": "2024-10-10T19:15:13.230Z",
"dateUpdated": "2025-02-05T16:57:53.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…