CVE-2024-20256

🗓️ 15 May 2024 17:56:38Reported by ciscoType

Vulnerability in Cisco AsyncOS Software for Secure Email and Web Manager

Reporter	Title	Published	Views	Family All 9
Cisco	Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting Vulnerabilities	15 May 202416:00	–	cisco
Tenable Nessus	Cisco Secure Web Appliance XSS (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)	24 May 202400:00	–	nessus
Tenable Nessus	Cisco Secure Email and Web Manager Multiple Vulnerabilities (cisco-sa-esa-sma-wsa-xss-bgG5WHOD)	24 May 202400:00	–	nessus
CNNVD	Cisco AsyncOS 安全漏洞	15 May 202400:00	–	cnnvd
Cvelist	CVE-2024-20256	15 May 202417:56	–	cvelist
EUVD	EUVD-2024-17971	3 Oct 202520:07	–	euvd
NVD	CVE-2024-20256	15 May 202418:15	–	nvd
RedhatCVE	CVE-2024-20256	23 May 202507:50	–	redhatcve
Vulnrichment	CVE-2024-20256	15 May 202417:56	–	vulnrichment

NVD

Node

cisco asyncosMatch11.7.0-406

cisco asyncosMatch11.7.0-418

cisco asyncosMatch11.7.1-006

cisco asyncosMatch11.7.1-020

cisco asyncosMatch11.7.1-049

cisco asyncosMatch11.7.2-011

cisco asyncosMatch11.8.0-414

cisco asyncosMatch11.8.1-023

cisco asyncosMatch11.8.3-018

cisco asyncosMatch11.8.3-021

cisco asyncosMatch12.0.1-268

cisco asyncosMatch12.0.3-007

cisco asyncosMatch12.5.1-011

cisco asyncosMatch12.5.2-007

cisco asyncosMatch12.5.4-005

cisco asyncosMatch12.5.5-004

cisco asyncosMatch12.5.6-008

cisco asyncosMatch14.0.2-012

cisco asyncosMatch14.0.3-014

cisco asyncosMatch14.0.4-005

cisco asyncosMatch14.5.0-498

cisco asyncosMatch14.5.1-016

cisco asyncosMatch15.0.0-322

AND

cisco secure_web_appliance_virtual_s1000vMatch-

cisco secure_web_appliance_virtual_s100vMatch-

cisco secure_web_appliance_virtual_s300vMatch-

cisco secure_web_appliance_virtual_s600vMatch-

cisco secure_web_appliance_s196Match-

cisco secure_web_appliance_s396Match-

cisco secure_web_appliance_s696Match-

Node

cisco secure_email_and_web_manager_virtual_appliance_m100vMatch-

cisco secure_email_and_web_manager_virtual_appliance_m300vMatch-

cisco secure_email_and_web_manager_virtual_appliance_m600vMatch-

cisco asyncosMatch9.0.0-087

cisco asyncosMatch11.0.0-115

cisco asyncosMatch11.0.1-161

cisco asyncosMatch11.5.1-105

cisco asyncosMatch12.0.0-452

cisco asyncosMatch12.0.1-011

cisco asyncosMatch12.5.0-636

cisco asyncosMatch12.5.0-658

cisco asyncosMatch12.5.0-670

cisco asyncosMatch12.5.0-678

cisco asyncosMatch12.8.1-002

cisco asyncosMatch12.8.1-021

cisco asyncosMatch13.0.0-277

cisco asyncosMatch13.6.2-078

cisco asyncosMatch13.8.1-068

cisco asyncosMatch13.8.1-074

cisco asyncosMatch13.8.1-108

cisco asyncosMatch14.0.0-404

cisco asyncosMatch14.1.0-223

cisco asyncosMatch14.1.0-227

cisco asyncosMatch14.2.0-212

cisco asyncosMatch14.2.0-224

cisco asyncosMatch14.2.1-020

cisco asyncosMatch14.3.0-120

cisco asyncosMatch15.0.0-334

AND

cisco secure_email_and_web_manager_m170Match-

cisco secure_email_and_web_manager_m190Match-

cisco secure_email_and_web_manager_m195Match-

cisco secure_email_and_web_manager_m380Match-

cisco secure_email_and_web_manager_m390Match-

cisco secure_email_and_web_manager_m390xMatch-

cisco secure_email_and_web_manager_m395Match-

cisco secure_email_and_web_manager_m680Match-

cisco secure_email_and_web_manager_m690Match-

cisco secure_email_and_web_manager_m690xMatch-

cisco secure_email_and_web_manager_m695Match-

[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Web Appliance",
    "versions": [
      {
        "version": "11.7.0-406",
        "status": "affected"
      },
      {
        "version": "11.7.0-418",
        "status": "affected"
      },
      {
        "version": "11.7.1-049",
        "status": "affected"
      },
      {
        "version": "11.7.1-006",
        "status": "affected"
      },
      {
        "version": "11.7.1-020",
        "status": "affected"
      },
      {
        "version": "11.7.2-011",
        "status": "affected"
      },
      {
        "version": "11.8.0-414",
        "status": "affected"
      },
      {
        "version": "11.8.1-023",
        "status": "affected"
      },
      {
        "version": "11.8.3-018",
        "status": "affected"
      },
      {
        "version": "11.8.3-021",
        "status": "affected"
      },
      {
        "version": "12.0.1-268",
        "status": "affected"
      },
      {
        "version": "12.0.3-007",
        "status": "affected"
      },
      {
        "version": "12.5.2-007",
        "status": "affected"
      },
      {
        "version": "12.5.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.4-005",
        "status": "affected"
      },
      {
        "version": "12.5.5-004",
        "status": "affected"
      },
      {
        "version": "12.5.6-008",
        "status": "affected"
      },
      {
        "version": "14.5.0-498",
        "status": "affected"
      },
      {
        "version": "14.5.1-016",
        "status": "affected"
      },
      {
        "version": "14.0.3-014",
        "status": "affected"
      },
      {
        "version": "14.0.2-012",
        "status": "affected"
      },
      {
        "version": "14.0.4-005",
        "status": "affected"
      },
      {
        "version": "15.0.0-322",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email and Web Manager",
    "versions": [
      {
        "version": "9.0.0-087",
        "status": "affected"
      },
      {
        "version": "11.0.0-115",
        "status": "affected"
      },
      {
        "version": "11.0.1-161",
        "status": "affected"
      },
      {
        "version": "11.5.1-105",
        "status": "affected"
      },
      {
        "version": "12.0.0-452",
        "status": "affected"
      },
      {
        "version": "12.0.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.0-636",
        "status": "affected"
      },
      {
        "version": "12.5.0-658",
        "status": "affected"
      },
      {
        "version": "12.5.0-678",
        "status": "affected"
      },
      {
        "version": "12.5.0-670",
        "status": "affected"
      },
      {
        "version": "13.0.0-277",
        "status": "affected"
      },
      {
        "version": "13.6.2-078",
        "status": "affected"
      },
      {
        "version": "13.8.1-068",
        "status": "affected"
      },
      {
        "version": "13.8.1-074",
        "status": "affected"
      },
      {
        "version": "13.8.1-108",
        "status": "affected"
      },
      {
        "version": "12.8.1-002",
        "status": "affected"
      },
      {
        "version": "12.8.1-021",
        "status": "affected"
      },
      {
        "version": "14.0.0-404",
        "status": "affected"
      },
      {
        "version": "14.1.0-223",
        "status": "affected"
      },
      {
        "version": "14.1.0-227",
        "status": "affected"
      },
      {
        "version": "14.2.0-212",
        "status": "affected"
      },
      {
        "version": "14.2.0-224",
        "status": "affected"
      },
      {
        "version": "14.2.1-020",
        "status": "affected"
      },
      {
        "version": "14.3.0-120",
        "status": "affected"
      },
      {
        "version": "15.0.0-334",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD

07 Aug 2025 17:10Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.14.8

EPSS0.00125

SSVC

CWE-79