CVE-2025-20153Improper Access Control in Cisco Secure Email

CWE-284Improper Access Control4 documents4 sources
Severity
5.3MEDIUMNVD
CNA5.8
EPSS
0.1%
top 67.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Secure EmailCisco Secure Email Gateway
Timeline
PublishedFeb 19

Description

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDcisco/secure_email_gateway15 versions+14
CVEListV5cisco/cisco_secure_email15 versions+14

🔴Vulnerability Details

2
CVEList
Cisco ESA mail Bypass2025-02-19
GHSA
GHSA-9ppw-7p8w-h9g2: A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configure2025-02-19

📋Vendor Advisories

1
Cisco
Cisco Secure Email Gateway Email Filter Bypass Vulnerability2025-02-19
CVE-2025-20153 — Improper Access Control in Cisco | cvebase