CVE-2025-20207

Name of the Vulnerable Software and Affected Versions: Cisco Secure Email and Web Manager (affected versions not specified) Cisco Secure Email Gateway (affected versions not specified) Cisco Secure Web Appliance (affected versions not specified)

Description: A vulnerability in Simple Network Management Protocol (SNMP) polling could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This issue exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this by sending a crafted SNMP poll request to the affected appliance, potentially discovering confidential information that should be restricted. To exploit this, an attacker must have the configured SNMP credentials.

Recommendations: For Cisco Secure Email and Web Manager, restrict access to SNMP polling until a fix is available. For Cisco Secure Email Gateway, consider disabling SNMP polling as a temporary workaround until a patch is released. For Cisco Secure Web Appliance, avoid using configured SNMP credentials for polling until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.