Details of VAR-202502-2543

ID

VAR-202502-2543

CVE

CVE-2025-20153

TITLE

Cisco Systems Secure Email Gateway Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2025-010403

DESCRIPTION

A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.   This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device. Cisco Systems Secure Email Gateway Exists in unspecified vulnerabilities.Information may be tampered with. Remote attackers can bypass the rules and conduct malicious attacks by submitting special emails through the vulnerability

Trust: 2.16

sources: NVD: CVE-2025-20153 // JVNDB: JVNDB-2025-010403 // CNVD: CNVD-2025-05946

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-05946

AFFECTED PRODUCTS

vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.0.1-030	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	13.0.5-007	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.0.3-002	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	14.2.1-020	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.5.2-018	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	13.0.0-392	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	13.5.4-038	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	14.2.0-620	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	14.3.0-032	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	16.0.0-050	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	13.5.1-277	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.5.1-055	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.5.0-048	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.0.0-104	Trust: 1.0
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	14.0.0-698	Trust: 1.0
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	16.0.0-050	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	15.5.2-018	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	14.2.1-020	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	13.5.1-277	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	13.0.5-007	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	15.5.0-048	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	13.5.4-038	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	13.0.0-392	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	14.0.0-698	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	15.5.1-055	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	15.0.1-030	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	14.3.0-032	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	15.0.3-002	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	14.2.0-620	Trust: 0.8
vendor:	シスコシステムズ	model:	secure email gateway	scope:	eq	version:	15.0.0-104	Trust: 0.8
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	15.0	Trust: 0.6
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	14.2	Trust: 0.6
vendor:	cisco	model:	secure email gateway	scope:	eq	version:	16.0	Trust: 0.6

sources: CNVD: CNVD-2025-05946 // JVNDB: JVNDB-2025-010403 // NVD: CVE-2025-20153

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@cisco.com:	CVE-2025-20153
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2025-20153
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2025-20153
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2025-05946
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2025-05946
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

psirt@cisco.com:	CVE-2025-20153
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2025-20153
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2025-20153
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-05946 // JVNDB: JVNDB-2025-010403 // NVD: CVE-2025-20153 // NVD: CVE-2025-20153

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-284	Trust: 1.0
problemtype:	Inappropriate access control (CWE-284) [ others ]	Trust: 0.8
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-010403 // NVD: CVE-2025-20153

PATCH

title:	cisco-sa-esa-mailpol-bypass-5nVcJZMw	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-mailpol-bypass-5nVcJZMw	Trust: 0.8
title:	Patch for Cisco Secure Email Gateway Access Control Error Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/661146	Trust: 0.6

sources: CNVD: CNVD-2025-05946 // JVNDB: JVNDB-2025-010403

EXTERNAL IDS

db:	NVD	id:	CVE-2025-20153	Trust: 3.2
db:	JVNDB	id:	JVNDB-2025-010403	Trust: 0.8
db:	CNVD	id:	CNVD-2025-05946	Trust: 0.6

sources: CNVD: CNVD-2025-05946 // JVNDB: JVNDB-2025-010403 // NVD: CVE-2025-20153

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2025-20153	Trust: 1.4
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-mailpol-bypass-5nvcjzmw	Trust: 1.0

sources: CNVD: CNVD-2025-05946 // JVNDB: JVNDB-2025-010403 // NVD: CVE-2025-20153

SOURCES

db:	CNVD	id:	CNVD-2025-05946
db:	JVNDB	id:	JVNDB-2025-010403
db:	NVD	id:	CVE-2025-20153

LAST UPDATE DATE

2025-08-02T23:11:16.270000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-05946	date:	2025-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2025-010403	date:	2025-08-01T02:02:00
db:	NVD	id:	CVE-2025-20153	date:	2025-07-31T12:40:47.020

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-05946	date:	2025-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2025-010403	date:	2025-08-01T00:00:00
db:	NVD	id:	CVE-2025-20153	date:	2025-02-19T16:15:40.860