Sign-up

ID

VAR-202502-2543


CVE

CVE-2025-20153


TITLE

Cisco Secure Email Gateway Access Control Error Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-05946

DESCRIPTION

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.   This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device. Cisco Secure Email Gateway is a secure email gateway software of Cisco, an American company. Remote attackers can bypass the rules and conduct malicious attacks by submitting special emails through the vulnerability

Trust: 1.44

sources: NVD: CVE-2025-20153 // CNVD: CNVD-2025-05946

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-05946

AFFECTED PRODUCTS

vendor:ciscomodel:secure email gatewayscope:eqversion:15.0

Trust: 0.6

vendor:ciscomodel:secure email gatewayscope:eqversion:14.2

Trust: 0.6

vendor:ciscomodel:secure email gatewayscope:eqversion:16.0

Trust: 0.6

sources: CNVD: CNVD-2025-05946

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@cisco.com: CVE-2025-20153
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2025-05946
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-05946
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

psirt@cisco.com: CVE-2025-20153
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-05946 // NVD: CVE-2025-20153

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.0

sources: NVD: CVE-2025-20153

PATCH

title:Patch for Cisco Secure Email Gateway Access Control Error Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/661146

Trust: 0.6

sources: CNVD: CNVD-2025-05946

EXTERNAL IDS

db:NVDid:CVE-2025-20153

Trust: 1.6

db:CNVDid:CNVD-2025-05946

Trust: 0.6

sources: CNVD: CNVD-2025-05946 // NVD: CVE-2025-20153

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-mailpol-bypass-5nvcjzmw

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-20153

Trust: 0.6

sources: CNVD: CNVD-2025-05946 // NVD: CVE-2025-20153

SOURCES

db:CNVDid:CNVD-2025-05946
db:NVDid:CVE-2025-20153

LAST UPDATE DATE

2025-03-31T18:25:20.321000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-05946date:2025-03-27T00:00:00
db:NVDid:CVE-2025-20153date:2025-02-19T16:15:40.860

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-05946date:2025-03-27T00:00:00
db:NVDid:CVE-2025-20153date:2025-02-19T16:15:40.860