EUVD-2024-17972

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Cisco AsyncOS may allow XSS attacks due to insufficient user input validation.

Reporter	Title	Published	Views	Family All 8
Cisco	Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Cross-Site Scripting Vulnerabilities	15 May 202416:00	–	cisco
CNNVD	Cisco AsyncOS 安全漏洞	15 May 202400:00	–	cnnvd
CVE	CVE-2024-20257	15 May 202417:58	–	cve
Cvelist	CVE-2024-20257	15 May 202417:58	–	cvelist
NVD	CVE-2024-20257	15 May 202418:15	–	nvd
Positive Technologies	PT-2024-4561 · Cisco · Cisco Asyncos	15 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-20257	23 May 202508:46	–	redhatcve
Vulnrichment	CVE-2024-20257	15 May 202417:58	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "e65f8546-3e2d-39e7-beb6-6f34838322c2",
        "vendor": {
          "name": "Cisco"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "13e7090c-5315-3364-b8a1-286ddbeb4602",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "11.1.0-128"
      },
      {
        "id": "14c8aaae-4a4c-311c-be4a-de0cc412cbab",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "13.5.4-038"
      },
      {
        "id": "17943b4d-72db-324a-8301-6e283e542f6a",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.5.0-066"
      },
      {
        "id": "201f990a-2a4a-3ba4-bdd8-490df967fbc5",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.1.0-087"
      },
      {
        "id": "23c75a01-510c-3956-90a2-62fb2ef4d537",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "11.1.0-069"
      },
      {
        "id": "2b6937fa-7ec1-382f-ad8e-4b7c7cdd75b4",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "14.3.0-032"
      },
      {
        "id": "47d724ad-dc77-3b32-a0b2-5ef83cd8b736",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "14.2.1-020"
      },
      {
        "id": "4bfdfc1a-a022-360a-9c18-6b87f23704a6",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "11.1.0-131"
      },
      {
        "id": "51fb5479-3be2-3ba5-9403-43e6629fe12d",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.1.0-089"
      },
      {
        "id": "5dc70a5e-5af3-396f-a472-3d3dedd07b86",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "14.2.0-620"
      },
      {
        "id": "636df689-78da-35c6-af5a-5613cfc4a8a8",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "14.0.0-698"
      },
      {
        "id": "66651511-c220-31f9-9316-f9f9ade25a5d",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "13.5.1-277"
      },
      {
        "id": "6aa589a0-6df6-3149-8dfe-0cbd326249cc",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.5.4-041"
      },
      {
        "id": "6d31a482-d5a4-39b3-89a5-10c076e09dc2",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "15.0.1-030"
      },
      {
        "id": "70745803-6a3f-3200-89a6-ad3660bb3b08",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.1.0-071"
      },
      {
        "id": "70f492cd-254d-39db-8ea7-cc5630f58de5",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.0.0-419"
      },
      {
        "id": "7c7f2150-866f-3c97-a634-b0790ae21061",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "15.5.0-048"
      },
      {
        "id": "85ac8356-9af0-3ce2-a93e-9ae30b0673d6",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "15.0.0-104"
      },
      {
        "id": "9c5e304e-2536-33e2-86f6-3e98e502ad3e",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "11.0.3-238"
      },
      {
        "id": "ac3db016-fdfe-3ea1-b01e-1a6c2c568846",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "13.0.5-007"
      },
      {
        "id": "c5f3bfd0-1385-3214-95d0-80ad1c4753f0",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "13.0.0-392"
      },
      {
        "id": "e13fe86e-aa8e-3651-8cb4-1abedd39d82b",
        "product": {
          "name": "Cisco Secure Email"
        },
        "product_version": "12.5.3-041"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.14.8

EPSS0.00125

SSVC