CVE-2025-20180

Published Feb 5, 2025
Last updated 10 days ago
CVSS medium 4.8
Overview

Description: A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Operator.
Source: psirt@cisco.com
NVD status: Analyzed
Products: asyncos
Risk scores

CVSS 3.1

Type: Primary
Base score: 4.8
Impact score: 2.7
Exploitability score: 1.7
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
Weaknesses

psirt@cisco.com: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:12.8.1-002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80439833-447F-4582-B1FA-278306ABFE42"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:12.8.1-021:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29CB6A5B-34EE-4958-ACB5-6433E8C0014D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.0.0-249:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9332990D-7532-4CE6-A02B-81B9445C09F3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.0.0-277:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C18D9472-A7E4-4083-9369-DBA97A40022B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.6.1-201:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF1F8E93-E5CF-4C73-BFFA-2B3DB2C764BD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.6.2-023:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86750D2A-0D2D-4775-B7B6-261337F3F72D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.6.2-078:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A1365DA-3163-4CFF-9F48-1998C9F6A29B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.8.1-052:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D26ED91-0192-4606-B304-2BD926A4E854"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.8.1-068:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C5B0C94-A72F-4B5A-A9F8-00EF60D6C001"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.8.1-074:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74C14467-2836-4FDF-8B4B-670D08511614"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.8.1-108:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E50DAB07-5582-47C8-A0B0-7C0DA63DC70A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.0.0-404:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F540FA5-3E48-4C4E-8AAF-4DD8629DAF1D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.1.0-227:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC8211F5-85F9-449D-87E0-991F009AFD1E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.2.0-203:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D9CA168-015D-4962-BB8D-E5BB10925D1E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.2.0-212:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "253C1306-4BCE-4314-A57D-CBFDF89386E4"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.2.0-224:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F90AF26-41D8-40B9-9E49-29C27CA2B4FA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.3.0-120:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1719C5F-39A9-4F56-AF18-AB34A9D73DD6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.0.0-334:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C1A7437-AEF6-4426-91E8-4112F76FE019"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.5.1-024:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49913B5D-22C6-41E6-9FAD-3AEB1DD96350"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.5.1-029:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B24DBD60-73D9-4999-8F3C-2D9F7653414D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.5.2-005:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F571B6DA-9940-4B08-8A7F-7A4B0B36ACB8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:16.0.0-195:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B49B71D-89F0-40B0-B93F-2C038583C367"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager_virtual_appliance_m100v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0C9613A5-B198-4AD2-BC74-F21ABAF79174"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager_virtual_appliance_m300v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57831FD6-1CF3-4ABE-81BA-2576418F9083"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager_virtual_appliance_m600v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "67E804AE-4743-44AD-A364-504B0AB0D9BF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m170:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3057023B-AD68-4953-A780-75EA416A7B94"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m190:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B87164B6-4717-4968-86F7-C62EB677FC50"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m195:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10BD81D0-D81A-4361-B4E8-D674732A2A33"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m380:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D28903F8-3C4D-4337-9721-CEC108A7E2D5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m390:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "84ACD394-2E45-4E8E-A342-AC57935C7038"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m390x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6112D56B-B68B-40B0-8EB9-3315533110C7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m395:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8A1198BC-C934-4C26-887D-D599E8128FD3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m680:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10374BA0-E7DD-4930-8C58-251F98B75A11"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m690:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CD265B49-C691-44B3-A505-DC704E80313C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m690x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E37CFC3A-1752-4C66-BD32-CFFA46C3E6AD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_and_web_manager_m695:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "830693AC-A737-43B9-BBB4-E3A1C950C47F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.0.0-392:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFEE94BE-6A3A-4873-BFCF-93E550F099A0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.0.5-007:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A787134E-F72F-4543-8F0E-3125A982BE3B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.5.1-277:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8E06464-FA10-4AA0-8320-FED11EF0B5ED"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:13.5.4-038:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6B6F533-7521-4DC1-8481-034E6CDE22DD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.0.0-698:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A48B45C-E1B4-4524-A095-631C408044A0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.2.0-620:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A84B29E7-CB57-4DA8-BA2F-77AA4DB9C394"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.2.1-020:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "189C0A83-6BF1-45AD-ACC1-FB7561B901A9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:14.3.0-032:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B09FBBD-C6BD-4BBD-8DF4-416D59E1E97C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.0.0-104:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "943D850B-D6B1-4B02-BBF6-687C3FD80AAD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.0.1-030:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74FB1274-8F04-4A8A-986F-225BBA4553E0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.0.3-002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E10CE9B3-6B35-49CB-8DB6-2AF2D4678417"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.5.0-048:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05560A50-4EF9-42E9-B8B3-FC99C77089B8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.5.1-055:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "421FFF79-BA3D-4968-928C-6F792E9A34AB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:15.5.2-018:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "700129D1-EEB8-4A05-9E32-7C425CAA54F1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:16.0.0-050:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C829294-B71F-4201-8BF0-623D45E93C7A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asyncos:16.0.0-054:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7176E776-01D3-432F-BD8C-38B15AAF62F8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:secure_email_gateway_virtual_appliance_c100v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5B6FBC8A-8187-4903-B786-6CF341C142B5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_email_gateway_virtual_appliance_c300v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68864429-9730-43E9-96C3-20B9035BB291"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_email_gateway_virtual_appliance_c600v:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B52D8B2B-E9AE-4B02-87BD-9CF9FA95906A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_gateway_c195:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7B1322B8-1CF9-4B17-9A58-38788051ED4F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_gateway_c395:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "139A640B-1957-4953-AA88-9D373A5152D1"
          },
          {
            "criteria": "cpe:2.3:h:cisco:secure_email_gateway_c695:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F08EA2AD-618B-4834-A52D-73F6A4502DF1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
