CVE-2025-20393 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...

Cisco Secure Email and Web Manager Privelege Escalation (cisco-sa-esa-sma-wsa-multi-yKUJhS34)

According to its self-reported version, Cisco Secure Email and Web Manager is affected by a vulnerability. - A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web...

PT-2025-5713 · Cisco · Cisco Secure Web Appliance +2

Name of the Vulnerable Software and Affected Versions: Cisco Secure Email and Web Manager affected versions not specified Cisco Secure Email Gateway affected versions not specified Cisco Secure Web Appliance affected versions not specified Description: A vulnerability in Simple Network Management...

CVE-2024-20256

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient...

CVE-2023-20028

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance ESA; and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow a remote...

多款Cisco产品 跨站脚本漏洞

The Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. A security vulnerability exists in Cisco AsyncOS Software that stems from a stored cross-site scripting XSS vulnerability. Affected products: Cisc...

CVE-2023-20028

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance ESA; and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow a remote...

CVE-2023-20120

Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance ESA; and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance WSA, could allow a remote...

Vulnerabilities fixed in Cisco Email Security Appliance (ESA) and Secure Email and Web Manager.

Cisco has fixed vulnerabilities in Email Security Appliance ESA and Secure Email and Web Manager. A malicious party with prior authentication could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code execute arbitrary code with elevated privileges,...

PT-2023-6472 · Cisco · Cisco Secure Email/Web Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Secure Email Gateway ESA and Cisco Secure Email and Web Manager SMA affected versions not specified Description: A vulnerability in the Web UI and administrative CLI of the affected systems could allow an authenticated remote or local...

CVE-2022-20867

A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileg...

CVE-2022-20675

A vulnerability in the TCP/IP stack of Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol SNMP service...