A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
2024-05-15T18:15:08.720
2025-08-07T17:10:32.350
Analyzed
CVSSv3.1: 4.8 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | cisco | asyncos | 11.7.0-406 | Yes |
| Operating System | cisco | asyncos | 11.7.0-418 | Yes |
| Operating System | cisco | asyncos | 11.7.1-006 | Yes |
| Operating System | cisco | asyncos | 11.7.1-020 | Yes |
| Operating System | cisco | asyncos | 11.7.1-049 | Yes |
| Operating System | cisco | asyncos | 11.7.2-011 | Yes |
| Operating System | cisco | asyncos | 11.8.0-414 | Yes |
| Operating System | cisco | asyncos | 11.8.1-023 | Yes |
| Operating System | cisco | asyncos | 11.8.3-018 | Yes |
| Operating System | cisco | asyncos | 11.8.3-021 | Yes |
| Operating System | cisco | asyncos | 12.0.1-268 | Yes |
| Operating System | cisco | asyncos | 12.0.3-007 | Yes |
| Operating System | cisco | asyncos | 12.5.1-011 | Yes |
| Operating System | cisco | asyncos | 12.5.2-007 | Yes |
| Operating System | cisco | asyncos | 12.5.4-005 | Yes |
| Operating System | cisco | asyncos | 12.5.5-004 | Yes |
| Operating System | cisco | asyncos | 12.5.6-008 | Yes |
| Operating System | cisco | asyncos | 14.0.2-012 | Yes |
| Operating System | cisco | asyncos | 14.0.3-014 | Yes |
| Operating System | cisco | asyncos | 14.0.4-005 | Yes |
| Operating System | cisco | asyncos | 14.5.0-498 | Yes |
| Operating System | cisco | asyncos | 14.5.1-016 | Yes |
| Operating System | cisco | asyncos | 15.0.0-322 | Yes |
| Application | cisco | secure_web_appliance_virtual_s1000v | - | No |
| Application | cisco | secure_web_appliance_virtual_s100v | - | No |
| Application | cisco | secure_web_appliance_virtual_s300v | - | No |
| Application | cisco | secure_web_appliance_virtual_s600v | - | No |
| Hardware | cisco | secure_web_appliance_s196 | - | No |
| Hardware | cisco | secure_web_appliance_s396 | - | No |
| Hardware | cisco | secure_web_appliance_s696 | - | No |
| Application | cisco | secure_email_and_web_manager_virtual_appliance_m100v | - | Yes |
| Application | cisco | secure_email_and_web_manager_virtual_appliance_m300v | - | Yes |
| Application | cisco | secure_email_and_web_manager_virtual_appliance_m600v | - | Yes |
| Operating System | cisco | asyncos | 9.0.0-087 | Yes |
| Operating System | cisco | asyncos | 11.0.0-115 | Yes |
| Operating System | cisco | asyncos | 11.0.1-161 | Yes |
| Operating System | cisco | asyncos | 11.5.1-105 | Yes |
| Operating System | cisco | asyncos | 12.0.0-452 | Yes |
| Operating System | cisco | asyncos | 12.0.1-011 | Yes |
| Operating System | cisco | asyncos | 12.5.0-636 | Yes |
| Operating System | cisco | asyncos | 12.5.0-658 | Yes |
| Operating System | cisco | asyncos | 12.5.0-670 | Yes |
| Operating System | cisco | asyncos | 12.5.0-678 | Yes |
| Operating System | cisco | asyncos | 12.8.1-002 | Yes |
| Operating System | cisco | asyncos | 12.8.1-021 | Yes |
| Operating System | cisco | asyncos | 13.0.0-277 | Yes |
| Operating System | cisco | asyncos | 13.6.2-078 | Yes |
| Operating System | cisco | asyncos | 13.8.1-068 | Yes |
| Operating System | cisco | asyncos | 13.8.1-074 | Yes |
| Operating System | cisco | asyncos | 13.8.1-108 | Yes |
| Operating System | cisco | asyncos | 14.0.0-404 | Yes |
| Operating System | cisco | asyncos | 14.1.0-223 | Yes |
| Operating System | cisco | asyncos | 14.1.0-227 | Yes |
| Operating System | cisco | asyncos | 14.2.0-212 | Yes |
| Operating System | cisco | asyncos | 14.2.0-224 | Yes |
| Operating System | cisco | asyncos | 14.2.1-020 | Yes |
| Operating System | cisco | asyncos | 14.3.0-120 | Yes |
| Operating System | cisco | asyncos | 15.0.0-334 | Yes |
| Hardware | cisco | secure_email_and_web_manager_m170 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m190 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m195 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m380 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m390 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m390x | - | No |
| Hardware | cisco | secure_email_and_web_manager_m395 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m680 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m690 | - | No |
| Hardware | cisco | secure_email_and_web_manager_m690x | - | No |
| Hardware | cisco | secure_email_and_web_manager_m695 | - | No |