CVE-2023-20120
published 2023-06-28CVE-2023-20120: Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_web_security_appliance | — | — |
| cisco | secure_email_and_web_manager | — | — |
| cisco | secure_email_and_web_manager | — | — |
| cisco | secure_email_and_web_manager | — | — |
| cisco | secure_email_and_web_manager | — | — |
| cisco | secure_email_and_web_manager | — | — |
| cisco | secure_email_gateway | — | — |
| cisco | secure_email_gateway | — | — |
| cisco | secure_email_gateway | — | — |
| cisco | secure_email_gateway | — | — |
| cisco | secure_email_gateway | — | — |
| cisco | secure_email_gateway_cisco_secure_email_and_web_manager_and_cisco_secure_web_app | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |