Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-20868
HistoryNov 04, 2022 - 6:15 p.m.

CVE-2022-20868

2022-11-0418:15:10
CWE-798
CWE-321
[email protected]
web.nvd.nist.gov
65
9
cve-2022-20868
cisco
email security
secure email
web manager
secure web appliance
vulnerability
authentication
remote attack
privilege escalation
hardcoded value
api
http request
impersonation
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability.

This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.

Affected configurations

NVD
Node
ciscoasyncosRange13.0–14.2.1
AND
ciscosecure_email_gatewayMatch-
Node
ciscoasyncosRange12.0–14.2.0
AND
ciscosecure_email_and_web_managerMatch-
Node
ciscoasyncosRange11.8–12.5.5
OR
ciscoasyncosRange14.0–14.0.4
OR
ciscoasyncosMatch14.5
AND
ciscosecure_web_applianceMatch-
CPENameOperatorVersion
cisco:asyncoscisco asyncoslt14.2.1

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Web Appliance",
    "versions": [
      {
        "version": "11.8.0-414",
        "status": "affected"
      },
      {
        "version": "11.8.1-023",
        "status": "affected"
      },
      {
        "version": "11.8.3-018",
        "status": "affected"
      },
      {
        "version": "11.8.3-021",
        "status": "affected"
      },
      {
        "version": "12.0.1-268",
        "status": "affected"
      },
      {
        "version": "12.0.3-007",
        "status": "affected"
      },
      {
        "version": "12.5.2-007",
        "status": "affected"
      },
      {
        "version": "12.5.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.4-005",
        "status": "affected"
      },
      {
        "version": "14.5.0-498",
        "status": "affected"
      },
      {
        "version": "14.0.2-012",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email",
    "versions": [
      {
        "version": "13.0.0-392",
        "status": "affected"
      },
      {
        "version": "13.5.1-277",
        "status": "affected"
      },
      {
        "version": "14.0.0-698",
        "status": "affected"
      },
      {
        "version": "14.2.0-620",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email and Web Manager",
    "versions": [
      {
        "version": "12.0.0-452",
        "status": "affected"
      },
      {
        "version": "12.0.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.0-636",
        "status": "affected"
      },
      {
        "version": "12.5.0-658",
        "status": "affected"
      },
      {
        "version": "12.5.0-678",
        "status": "affected"
      },
      {
        "version": "12.5.0-670",
        "status": "affected"
      },
      {
        "version": "13.0.0-277",
        "status": "affected"
      },
      {
        "version": "13.6.2-078",
        "status": "affected"
      },
      {
        "version": "13.8.1-068",
        "status": "affected"
      },
      {
        "version": "13.8.1-074",
        "status": "affected"
      },
      {
        "version": "12.8.1-002",
        "status": "affected"
      },
      {
        "version": "14.0.0-404",
        "status": "affected"
      },
      {
        "version": "14.1.0-223",
        "status": "affected"
      },
      {
        "version": "14.1.0-227",
        "status": "affected"
      }
    ]
  }
]

Social References

More

Related

cvelist 1
prion 1
nvd 1
nessus 3
cisco 1
cvelist
cvelist
CVE-2022-20868
2022-11-03 19:29:31
prion
prion
Hardcoded credentials
2022-11-04 18:15:00
nvd
nvd
CVE-2022-20868
2022-11-04 18:15:10
nessus
nessus
Cisco Secure Web Appliance Privilege Escalation (cisco-sa-esasmawsa-vulns-YRuSW5mD)
2022-11-03 00:00:00
Cisco Secure Email and Web Manager Multiple Vulnerabilities (cisco-sa-esasmawsa-vulns-YRuSW5mD)
2022-11-03 00:00:00
Cisco Email Security Appliance Multiple Vulnerabilities (cisco-sa-esasmawsa-vulns-YRuSW5mD)
2022-11-03 00:00:00
cisco
cisco
Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management Vulnerabilities
2022-11-02 16:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON
Related for CVE-2022-20868
cvelist1prion1nvd1nessus3cisco1