{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-20184", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2024-10-10T19:15:13.225Z", "datePublished": "2025-02-05T16:14:30.863Z", "dateUpdated": "2025-02-05T17:00:15.021Z"}, "containers": {"cna": {"title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34", "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "source": {"advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34", "discovery": "EXTERNAL", "defects": ["CSCwk70559"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Input Validation", "type": "cwe", "cweId": "CWE-20"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Email", "versions": [{"version": "14.0.0-698", "status": "affected"}, {"version": "13.5.1-277", "status": "affected"}, {"version": "13.0.0-392", "status": "affected"}, {"version": "14.2.0-620", "status": "affected"}, {"version": "13.0.5-007", "status": "affected"}, {"version": "13.5.4-038", "status": "affected"}, {"version": "14.2.1-020", "status": "affected"}, {"version": "14.3.0-032", "status": "affected"}, {"version": "15.0.0-104", "status": "affected"}, {"version": "15.0.1-030", "status": "affected"}, {"version": "15.5.0-048", "status": "affected"}, {"version": "15.5.1-055", "status": "affected"}, {"version": "15.5.2-018", "status": "affected"}, {"version": "15.0.3-002", "status": "affected"}, {"version": "15.5.3-022", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Secure Web Appliance", "versions": [{"version": "11.8.0-453", "status": "affected"}, {"version": "12.5.3-002", "status": "affected"}, {"version": "12.0.3-007", "status": "affected"}, {"version": "12.0.3-005", "status": "affected"}, {"version": "14.1.0-032", "status": "affected"}, {"version": "14.1.0-047", "status": "affected"}, {"version": "14.1.0-041", "status": "affected"}, {"version": "12.0.4-002", "status": "affected"}, {"version": "14.0.2-012", "status": "affected"}, {"version": "11.8.0-414", "status": "affected"}, {"version": "12.0.1-268", "status": "affected"}, {"version": "11.8.1-023", "status": "affected"}, {"version": "11.8.3-021", "status": "affected"}, {"version": "11.8.3-018", "status": "affected"}, {"version": "12.5.1-011", "status": "affected"}, {"version": "11.8.4-004", "status": "affected"}, {"version": "12.5.2-007", "status": "affected"}, {"version": "12.5.2-011", "status": "affected"}, {"version": "14.5.0-498", "status": "affected"}, {"version": "12.5.4-005", "status": "affected"}, {"version": "12.5.4-011", "status": "affected"}, {"version": "12.0.5-011", "status": "affected"}, {"version": "14.0.3-014", "status": "affected"}, {"version": "12.5.5-004", "status": "affected"}, {"version": "12.5.5-005", "status": "affected"}, {"version": "12.5.5-008", "status": "affected"}, {"version": "14.0.4-005", "status": "affected"}, {"version": "14.5.1-008", "status": "affected"}, {"version": "14.5.1-016", "status": "affected"}, {"version": "15.0.0-355", "status": "affected"}, {"version": "15.0.0-322", "status": "affected"}, {"version": "12.5.6-008", "status": "affected"}, {"version": "15.1.0-287", "status": "affected"}, {"version": "14.5.2-011", "status": "affected"}, {"version": "15.2.0-116", "status": "affected"}, {"version": "14.0.5-007", "status": "affected"}, {"version": "15.2.0-164", "status": "affected"}, {"version": "14.5.1-510", "status": "affected"}, {"version": "12.0.2-012", "status": "affected"}, {"version": "12.0.2-004", "status": "affected"}, {"version": "14.5.1-607", "status": "affected"}, {"version": "14.5.3-033", "status": "affected"}, {"version": "15.0.1-004", "status": "affected"}, {"version": "15.2.1-011", "status": "affected"}, {"version": "14.5.0-673", "status": "affected"}, {"version": "14.5.0-537", "status": "affected"}, {"version": "12.0.1-334", "status": "affected"}, {"version": "14.0.1-503", "status": "affected"}, {"version": "14.0.1-053", "status": "affected"}, {"version": "11.8.0-429", "status": "affected"}, {"version": "14.0.1-040", "status": "affected"}, {"version": "14.0.1-014", "status": "affected"}, {"version": "12.5.1-043", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-02-05T16:14:30.863Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-05T16:59:57.945223Z", "id": "CVE-2025-20184", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T17:00:15.021Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-20184", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-05T16:59:57.945223Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-05T17:00:07.310Z"}}], "cna": {"title": "Cisco Secure Email and Web Manager and Secure Web Appliance Command Injection Vulnerability", "source": {"defects": ["CSCwk70559"], "advisory": "cisco-sa-esa-sma-wsa-multi-yKUJhS34", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Email", "versions": [{"status": "affected", "version": "14.0.0-698"}, {"status": "affected", "version": "13.5.1-277"}, {"status": "affected", "version": "13.0.0-392"}, {"status": "affected", "version": "14.2.0-620"}, {"status": "affected", "version": "13.0.5-007"}, {"status": "affected", "version": "13.5.4-038"}, {"status": "affected", "version": "14.2.1-020"}, {"status": "affected", "version": "14.3.0-032"}, {"status": "affected", "version": "15.0.0-104"}, {"status": "affected", "version": "15.0.1-030"}, {"status": "affected", "version": "15.5.0-048"}, {"status": "affected", "version": "15.5.1-055"}, {"status": "affected", "version": "15.5.2-018"}, {"status": "affected", "version": "15.0.3-002"}, {"status": "affected", "version": "15.5.3-022"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Secure Web Appliance", "versions": [{"status": "affected", "version": "11.8.0-453"}, {"status": "affected", "version": "12.5.3-002"}, {"status": "affected", "version": "12.0.3-007"}, {"status": "affected", "version": "12.0.3-005"}, {"status": "affected", "version": "14.1.0-032"}, {"status": "affected", "version": "14.1.0-047"}, {"status": "affected", "version": "14.1.0-041"}, {"status": "affected", "version": "12.0.4-002"}, {"status": "affected", "version": "14.0.2-012"}, {"status": "affected", "version": "11.8.0-414"}, {"status": "affected", "version": "12.0.1-268"}, {"status": "affected", "version": "11.8.1-023"}, {"status": "affected", "version": "11.8.3-021"}, {"status": "affected", "version": "11.8.3-018"}, {"status": "affected", "version": "12.5.1-011"}, {"status": "affected", "version": "11.8.4-004"}, {"status": "affected", "version": "12.5.2-007"}, {"status": "affected", "version": "12.5.2-011"}, {"status": "affected", "version": "14.5.0-498"}, {"status": "affected", "version": "12.5.4-005"}, {"status": "affected", "version": "12.5.4-011"}, {"status": "affected", "version": "12.0.5-011"}, {"status": "affected", "version": "14.0.3-014"}, {"status": "affected", "version": "12.5.5-004"}, {"status": "affected", "version": "12.5.5-005"}, {"status": "affected", "version": "12.5.5-008"}, {"status": "affected", "version": "14.0.4-005"}, {"status": "affected", "version": "14.5.1-008"}, {"status": "affected", "version": "14.5.1-016"}, {"status": "affected", "version": "15.0.0-355"}, {"status": "affected", "version": "15.0.0-322"}, {"status": "affected", "version": "12.5.6-008"}, {"status": "affected", "version": "15.1.0-287"}, {"status": "affected", "version": "14.5.2-011"}, {"status": "affected", "version": "15.2.0-116"}, {"status": "affected", "version": "14.0.5-007"}, {"status": "affected", "version": "15.2.0-164"}, {"status": "affected", "version": "14.5.1-510"}, {"status": "affected", "version": "12.0.2-012"}, {"status": "affected", "version": "12.0.2-004"}, {"status": "affected", "version": "14.5.1-607"}, {"status": "affected", "version": "14.5.3-033"}, {"status": "affected", "version": "15.0.1-004"}, {"status": "affected", "version": "15.2.1-011"}, {"status": "affected", "version": "14.5.0-673"}, {"status": "affected", "version": "14.5.0-537"}, {"status": "affected", "version": "12.0.1-334"}, {"status": "affected", "version": "14.0.1-503"}, {"status": "affected", "version": "14.0.1-053"}, {"status": "affected", "version": "11.8.0-429"}, {"status": "affected", "version": "14.0.1-040"}, {"status": "affected", "version": "14.0.1-014"}, {"status": "affected", "version": "12.5.1-043"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34", "name": "cisco-sa-esa-sma-wsa-multi-yKUJhS34"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-20", "description": "Improper Input Validation"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2025-02-05T16:14:30.863Z"}}}, "cveMetadata": {"cveId": "CVE-2025-20184", "state": "PUBLISHED", "dateUpdated": "2025-02-05T17:00:15.021Z", "dateReserved": "2024-10-10T19:15:13.225Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2025-02-05T16:14:30.863Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:13.0.0-392:*:*:*:*:*:*:*", "matchCriteriaId": "FFEE94BE-6A3A-4873-BFCF-93E550F099A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:13.0.5-007:*:*:*:*:*:*:*", "matchCriteriaId": "A787134E-F72F-4543-8F0E-3125A982BE3B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:13.5.1-277:*:*:*:*:*:*:*", "matchCriteriaId": "E8E06464-FA10-4AA0-8320-FED11EF0B5ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:13.5.4-038:*:*:*:*:*:*:*", "matchCriteriaId": "B6B6F533-7521-4DC1-8481-034E6CDE22DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.0-698:*:*:*:*:*:*:*", "matchCriteriaId": "6A48B45C-E1B4-4524-A095-631C408044A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.2.0-620:*:*:*:*:*:*:*", "matchCriteriaId": "A84B29E7-CB57-4DA8-BA2F-77AA4DB9C394", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.2.1-020:*:*:*:*:*:*:*", "matchCriteriaId": "189C0A83-6BF1-45AD-ACC1-FB7561B901A9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.3.0-032:*:*:*:*:*:*:*", "matchCriteriaId": "6B09FBBD-C6BD-4BBD-8DF4-416D59E1E97C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.0.0-104:*:*:*:*:*:*:*", "matchCriteriaId": "943D850B-D6B1-4B02-BBF6-687C3FD80AAD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.0.1-030:*:*:*:*:*:*:*", "matchCriteriaId": "74FB1274-8F04-4A8A-986F-225BBA4553E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.0.3-002:*:*:*:*:*:*:*", "matchCriteriaId": "E10CE9B3-6B35-49CB-8DB6-2AF2D4678417", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.5.0-048:*:*:*:*:*:*:*", "matchCriteriaId": "05560A50-4EF9-42E9-B8B3-FC99C77089B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.5.1-055:*:*:*:*:*:*:*", "matchCriteriaId": "421FFF79-BA3D-4968-928C-6F792E9A34AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.5.2-018:*:*:*:*:*:*:*", "matchCriteriaId": "700129D1-EEB8-4A05-9E32-7C425CAA54F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.5.3-022:*:*:*:*:*:*:*", "matchCriteriaId": "D72D8A34-34BF-4390-B244-23AEAC08ACD5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_email_gateway_virtual_appliance_c100v:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B6FBC8A-8187-4903-B786-6CF341C142B5", "vulnerable": false}, {"criteria": "cpe:2.3:a:cisco:secure_email_gateway_virtual_appliance_c300v:-:*:*:*:*:*:*:*", "matchCriteriaId": "68864429-9730-43E9-96C3-20B9035BB291", "vulnerable": false}, {"criteria": "cpe:2.3:a:cisco:secure_email_gateway_virtual_appliance_c600v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B52D8B2B-E9AE-4B02-87BD-9CF9FA95906A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:secure_email_gateway_c195:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B1322B8-1CF9-4B17-9A58-38788051ED4F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:secure_email_gateway_c395:-:*:*:*:*:*:*:*", "matchCriteriaId": "139A640B-1957-4953-AA88-9D373A5152D1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:secure_email_gateway_c695:-:*:*:*:*:*:*:*", "matchCriteriaId": "F08EA2AD-618B-4834-A52D-73F6A4502DF1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:11.8.0-414:*:*:*:*:*:*:*", "matchCriteriaId": "DDF27FDC-ADC4-4C98-8A49-DAD2471F8301", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:11.8.0-429:*:*:*:*:*:*:*", "matchCriteriaId": "D1C5CF4F-FB9C-4497-8D4F-ACF0B5619B26", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:11.8.0-453:*:*:*:*:*:*:*", "matchCriteriaId": "2F1D538A-A548-43B2-91A6-104E7E048D6F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:11.8.1-023:*:*:*:*:*:*:*", "matchCriteriaId": "02072E0E-BC8C-4992-AB4D-BDE5829169A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:11.8.3-018:*:*:*:*:*:*:*", "matchCriteriaId": "67213820-8CF2-4C0E-8BE8-801FD01A97C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:11.8.3-021:*:*:*:*:*:*:*", "matchCriteriaId": "2281D49F-6C3F-4B09-AFB4-707253876591", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:11.8.4-004:*:*:*:*:*:*:*", "matchCriteriaId": "01D81165-118F-49C9-8F81-282ECC09A31B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.1-268:*:*:*:*:*:*:*", "matchCriteriaId": "1F6D5632-1951-4DB7-9B56-4D1947E09ECD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.1-334:*:*:*:*:*:*:*", "matchCriteriaId": "D00FA43A-4E47-401E-A3EB-5DD1DD01D731", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.2-004:*:*:*:*:*:*:*", "matchCriteriaId": "6E8D5C72-C85D-4D5F-8290-2158737A8AF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.2-012:*:*:*:*:*:*:*", "matchCriteriaId": "0A30D4E9-7199-4841-8FB3-61123E155B6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.3-005:*:*:*:*:*:*:*", "matchCriteriaId": "86F3D9B3-B5FB-4F8A-929E-B6EFD731739F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.3-007:*:*:*:*:*:*:*", "matchCriteriaId": "8F221598-29D1-4B13-A427-315F93BD9865", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.4-002:*:*:*:*:*:*:*", "matchCriteriaId": "D061F30A-E46B-4771-9E9A-45C198A31140", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.0.5-011:*:*:*:*:*:*:*", "matchCriteriaId": "2B982C95-2AA6-466A-9D29-A9BECFD97502", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.1-011:*:*:*:*:*:*:*", "matchCriteriaId": "A2D22A3C-16D5-4F61-AB44-111F4A4D9F5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.1-043:*:*:*:*:*:*:*", "matchCriteriaId": "A6206A35-E1A4-4B6D-9C9F-16F06C6148BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.2-007:*:*:*:*:*:*:*", "matchCriteriaId": "8C79D794-0BA9-4A55-B843-FBF9B7374095", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.2-011:*:*:*:*:*:*:*", "matchCriteriaId": "2536DCE8-4F1D-4056-A021-409B54C86ED9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.3-002:*:*:*:*:*:*:*", "matchCriteriaId": "2D75C030-216E-4019-ABA5-6DB662C6755C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.4-005:*:*:*:*:*:*:*", "matchCriteriaId": "BBE6E431-7859-4E92-88C5-C85DADC8A5D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.4-011:*:*:*:*:*:*:*", "matchCriteriaId": "2FC0B862-5248-42D1-BB20-F957DD98A585", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.5-004:*:*:*:*:*:*:*", "matchCriteriaId": "495A2286-32A3-4F86-9D14-A1561FCE418A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.5-005:*:*:*:*:*:*:*", "matchCriteriaId": "654F0E3A-EEE2-4111-8E80-6C4B78EA5CBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.5-008:*:*:*:*:*:*:*", "matchCriteriaId": "D77BA3B2-D2B5-4A62-BE5C-F5A38736D285", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:12.5.6-008:*:*:*:*:*:*:*", "matchCriteriaId": "09EA2D4E-2E11-40E9-ABA0-7643B6A78857", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.1-014:*:*:*:*:*:*:*", "matchCriteriaId": "14B69F30-9430-4FA0-8BED-515C26D36788", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.1-040:*:*:*:*:*:*:*", "matchCriteriaId": "B69B7B51-55D4-4346-84BC-5B8226251BC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.1-053:*:*:*:*:*:*:*", "matchCriteriaId": "AF47A58B-9D1D-44C2-95DD-5413B8F8A6CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.1-503:*:*:*:*:*:*:*", "matchCriteriaId": "D024F9E1-004C-4639-A057-B2F4238CA3B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.2-012:*:*:*:*:*:*:*", "matchCriteriaId": "50BAC418-1CA1-4DB7-8B54-E4754A35F6E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.3-014:*:*:*:*:*:*:*", "matchCriteriaId": "A3A1AE33-A44E-422C-BBF3-FEF0BD24081D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.4-005:*:*:*:*:*:*:*", "matchCriteriaId": "D5A91305-1002-4717-AB81-A98C9C30CEA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.0.5-007:*:*:*:*:*:*:*", "matchCriteriaId": "07433741-D7ED-4742-B449-64D23E002E75", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.1.0-032:*:*:*:*:*:*:*", "matchCriteriaId": "A1C5EDF4-868A-43B9-B5BA-0F62984F7BE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.1.0-041:*:*:*:*:*:*:*", "matchCriteriaId": "45B7B8BB-91DA-490B-BA54-27AD44F862A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.1.0-047:*:*:*:*:*:*:*", "matchCriteriaId": "16B7F282-1F20-4C84-A13E-C671BAE3F8D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.0-498:*:*:*:*:*:*:*", "matchCriteriaId": "60A56580-C34C-4E5D-B053-9D02F8DD9681", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.0-537:*:*:*:*:*:*:*", "matchCriteriaId": "567CFC71-7AE1-456D-B87F-FDA4CDFA0936", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.0-673:*:*:*:*:*:*:*", "matchCriteriaId": "03F9301C-A93C-4D12-9C4B-E4D984D136D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.1-008:*:*:*:*:*:*:*", "matchCriteriaId": "89DC9472-A8C0-41CB-99DE-B0E160157B3C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.1-016:*:*:*:*:*:*:*", "matchCriteriaId": "78109D4E-9FAA-4B5A-96E4-6D30D3458BFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.1-510:*:*:*:*:*:*:*", "matchCriteriaId": "F615EBAA-EF52-4431-8080-2CF34269BE28", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.1-607:*:*:*:*:*:*:*", "matchCriteriaId": "1FE4CBC9-5786-4896-9FF7-C22E02FC9428", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.2-011:*:*:*:*:*:*:*", "matchCriteriaId": "134FF12A-15FB-4D3D-BA99-479C8EEE534B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:14.5.3-033:*:*:*:*:*:*:*", "matchCriteriaId": "E3219303-FBC6-43FD-A712-63DACA8A6D43", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.0.0-322:*:*:*:*:*:*:*", "matchCriteriaId": "0FD96D2A-EE17-4AF6-B8DD-E25F4DCB9313", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.0.0-355:*:*:*:*:*:*:*", "matchCriteriaId": "CCD55688-9581-4363-B8A0-2CC4080EA720", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.0.1-004:*:*:*:*:*:*:*", "matchCriteriaId": "8E7D1E25-9E12-451F-A454-78560153CF86", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.1.0-287:*:*:*:*:*:*:*", "matchCriteriaId": "E1595FF1-D7A9-402C-B8D0-C2ED6E195637", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.2.0-116:*:*:*:*:*:*:*", "matchCriteriaId": "9D0F8BE7-992B-455B-8D64-4B0A79B53131", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.2.0-164:*:*:*:*:*:*:*", "matchCriteriaId": "28BDB938-CB66-457E-BEE6-B115A1E990B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:15.2.1-011:*:*:*:*:*:*:*", "matchCriteriaId": "F5784365-ACFB-4391-99C2-8B5B525039B5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_web_appliance_virtual_s1000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "09BCBB0F-88F1-4469-A7D4-DA8BCAF5470A", "vulnerable": false}, {"criteria": "cpe:2.3:a:cisco:secure_web_appliance_virtual_s100v:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F88A369-E3A2-431A-AB71-CCD4F15E68EB", "vulnerable": false}, {"criteria": "cpe:2.3:a:cisco:secure_web_appliance_virtual_s300v:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE8ED2A4-8E08-420D-B377-6D1F5AF675DC", "vulnerable": false}, {"criteria": "cpe:2.3:a:cisco:secure_web_appliance_virtual_s600v:-:*:*:*:*:*:*:*", "matchCriteriaId": "780EA177-5623-4AFF-9316-D557BE2BD47D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:secure_web_appliance_s196:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE1F2FAF-C64B-4AEB-8DE4-329C61B8D17F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:secure_web_appliance_s396:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5596058-16DB-46C0-82AC-D9BFC13F4126", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:secure_web_appliance_s696:-:*:*:*:*:*:*:*", "matchCriteriaId": "62BEA59D-2AF1-4BDF-ACB3-450BED2E5AAB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must authenticate with valid administrator credentials.\r\n\r\nThis vulnerability is due to insufficient validation of XML configuration files by an affected device. An attacker could exploit this vulnerability by uploading a crafted XML configuration file. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco AsyncOS Software para Cisco Secure Email Gateway y Cisco Secure Web Appliance podr\u00eda permitir que un atacante remoto autenticado realice ataques de inyecci\u00f3n de comandos contra un dispositivo afectado. El atacante debe autenticarse con credenciales de administrador v\u00e1lidas. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los archivos de configuraci\u00f3n XML por parte de un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad cargando un archivo de configuraci\u00f3n XML manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante inyectar comandos al sistema operativo subyacente con privilegios de superusuario."}], "id": "CVE-2025-20184", "lastModified": "2025-08-08T17:11:23.557", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2025-02-05T17:15:25.697", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "[email protected]", "type": "Primary"}]}

{}