CVE-2020-3122

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.

CVSS

No CVSS.

References

Link	Resource
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr92383	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:asyncos:11.0.0-128:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:secure_email_and_web_manager_m170:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m190:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m195:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m380:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m390:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m390x:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m395:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m680:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m690:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m690x:-:::::::*
	cpe:2.3:h:cisco:secure_email_and_web_manager_m695:-:::::::*

History

31 Jul 2025, 19:44

Type	Values Removed	Values Added
CPE	cpe:2.3:a:cisco:content_security_management_appliance:11.0.0-128:::::::* cpe:2.3:a:cisco:secure_email_and_web_manager:11.0.0-128:::::::*	cpe:2.3:h:cisco:secure_email_and_web_manager_m390:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m395:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m680:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m690x:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m695:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m690:-:::::::* cpe:2.3:o:cisco:asyncos:11.0.0-128:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m380:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m170:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m390x:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m190:-:::::::* cpe:2.3:h:cisco:secure_email_and_web_manager_m195:-:::::::*
First Time		Cisco secure Email And Web Manager M380 Cisco secure Email And Web Manager M395 Cisco asyncos Cisco secure Email And Web Manager M390 Cisco secure Email And Web Manager M680 Cisco secure Email And Web Manager M170 Cisco secure Email And Web Manager M695 Cisco secure Email And Web Manager M690x Cisco secure Email And Web Manager M690 Cisco secure Email And Web Manager M190 Cisco secure Email And Web Manager M195 Cisco secure Email And Web Manager M390x

31 Jul 2025, 17:14

Type	Values Removed	Values Added
CPE		cpe:2.3:a:cisco:content_security_management_appliance:11.0.0-128:::::::* cpe:2.3:a:cisco:secure_email_and_web_manager:11.0.0-128:::::::*
References	~~() https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr92383 -~~	() https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr92383 - Vendor Advisory
First Time		Cisco secure Email And Web Manager Cisco content Security Management Appliance Cisco

04 Mar 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-04 19:15

Updated : 2025-07-31 19:44

NVD link : CVE-2020-3122

Mitre link : CVE-2020-3122

JSON object : View

Products Affected

cisco

secure_email_and_web_manager_m395
secure_email_and_web_manager_m680
secure_email_and_web_manager_m390
secure_email_and_web_manager_m390x
secure_email_and_web_manager_m690x
secure_email_and_web_manager_m190
secure_email_and_web_manager_m695
secure_email_and_web_manager_m195
secure_email_and_web_manager_m380
secure_email_and_web_manager_m690
secure_email_and_web_manager_m170
asyncos

CWE

CWE-284

Improper Access Control

JSON object

Attach tags to CVE-2020-3122

Attach tags to `CVE-2020-3122`