=====================================================================

                            CERT-Renater

                  Information Note No. 2025/VULN070

_____________________________________________________________________

DATE                : 05/02/2025

HARDWARE PLATFORM(S): /
 
OPERATING SYSTEM(S): Systems running Cisco Identity Services Engine,
                     Cisco IOS, Cisco IOS XE, Cisco IOS XR,
                     Cisco Secure Email and Web Manager,
                     Secure Email Gateway, and Secure Web Appliance,
                     Cisco Expressway Series.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________


Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2025-February-05.

The following PSIRT security advisories (1 Critical, 1 High, 6
Medium) were published at 16:00 UTC today.

Table of Contents:

1) Cisco Identity Services Engine Insecure Java Deserialization and
Authorization Bypass Vulnerabilities - SIR: Critical

2) Cisco IOS, IOS XE, and IOS XR Software SNMP Denial of Service
Vulnerabilities - SIR: High

3) Cisco Secure Email and Web Manager, Secure Email Gateway, and
Secure Web Appliance Vulnerabilities - SIR: Medium

4) Cisco Secure Web Appliance Range Request Bypass Vulnerability -
SIR: Medium

5) Cisco Expressway Series Cross-Site Scripting Vulnerability - SIR:
Medium

6) Cisco Identity Services Engine Stored Cross-Site Scripting
Vulnerabilities - SIR: Medium

7) Cisco Secure Email and Web Manager and Secure Email Gateway
Cross-Site Scripting Vulnerability - SIR: Medium

8) Cisco Secure Email and Web Manager, Secure Email Gateway, and
Secure Web Appliance SNMP Polling Information Disclosure
Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco Identity Services Engine Insecure Java Deserialization
and Authorization Bypass Vulnerabilities

CVE-2025-20124, CVE-2025-20125

SIR: Critical

CVSS Score v(3.1): 9.9

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF

+--------------------------------------------------------------------

2) Cisco IOS, IOS XE, and IOS XR Software SNMP Denial of Service
Vulnerabilities

CVE-2025-20169, CVE-2025-20170, CVE-2025-20171, CVE-2025-20172, CVE-2025-20173, CVE-2025-20174, CVE-2025-20175, CVE-2025-20176

SIR: High

CVSS Score v(3.1): 7.7

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW

+--------------------------------------------------------------------

3) Cisco Secure Email and Web Manager, Secure Email Gateway,
and Secure Web Appliance Vulnerabilities

CVE-2025-20184, CVE-2025-20185

SIR: Medium

CVSS Score v(3.1): 6.5

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-multi-yKUJhS34

+--------------------------------------------------------------------

4) Cisco Secure Web Appliance Range Request Bypass Vulnerability

CVE-2025-20183

SIR: Medium

CVSS Score v(3.1): 5.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu

+--------------------------------------------------------------------

5) Cisco Expressway Series Cross-Site Scripting Vulnerability

CVE-2025-20179

SIR: Medium

CVSS Score v(3.1): 6.1

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-xss-uexUZrEW

+--------------------------------------------------------------------

6) Cisco Identity Services Engine Stored Cross-Site Scripting
Vulnerabilities

CVE-2025-20204, CVE-2025-20205

SIR: Medium

CVSS Score v(3.1): 4.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG

+--------------------------------------------------------------------

7) Cisco Secure Email and Web Manager and Secure Email Gateway
Cross-Site Scripting Vulnerability

CVE-2025-20180

SIR: Medium

CVSS Score v(3.1): 4.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-xss-WCk2WcuG

+--------------------------------------------------------------------

8) Cisco Secure Email and Web Manager, Secure Email Gateway
and Secure Web Appliance SNMP Polling Information Disclosure
Vulnerability

CVE-2025-20207

SIR: Medium

CVSS Score v(3.1): 4.3

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
