Risk | Critical |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2022-20798 |
CWE-ID | CWE-287 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Secure Email Gateway Other software / Other software solutions Cisco AsyncOS for Cisco Email Security Appliance Server applications / IDS/IPS systems, Firewalls and proxy servers Cisco Email Security Appliance Server applications / IDS/IPS systems, Firewalls and proxy servers Cisco Secure Email and Web Manager Server applications / Other server solutions |
Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one critical risk vulnerability.
EUVDB-ID: #VU64421
Risk: Critical
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red]
CVE-ID: CVE-2022-20798
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error improper authentication checks when using the Lightweight Directory Access Protocol (LDAP) for external authentication. A remote non-authenticated attacker can bypass specially crafted data to the login page of the affected device, bypass the authenticated process and gain unauthorized access to the system.
Install updates from vendor's website.
Vulnerable software versionsSecure Email Gateway: All versions
Cisco AsyncOS for Cisco Email Security Appliance: before 14.0.1-033
Cisco Email Security Appliance: before 14.0.1-033
Cisco Secure Email and Web Manager: before 13.0.0-277
CPE2.3https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-esa-auth-bypass-66kEcxQD
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy13453
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx88026
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.