CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2022-20772
https://notcve.org/view.php?id=CVE-2022-20772
A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses. Una vulnerabilidad en Cisco Email Security Appliance (ESA) y Cisco Secure Email and Web Manager podría permitir que un atacante remoto no autenticado lleve a cabo un ataque de división de respuesta HTTP. Esta vulnerabilidad se debe a que la aplicación o su entorno no limpian adecuadamente los valores de entrada. Un atacante podría aprovechar esta vulnerabilidad inyectando encabezados HTTP maliciosos, controlando el cuerpo de la respuesta o dividiendo la respuesta en múltiples respuestas. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2022-20942
https://notcve.org/view.php?id=CVE-2022-20942
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device. Una vulnerabilidad en la interfaz de administración basada en web de Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager y Cisco Secure Web Appliance, anteriormente conocido como Cisco Web Security Appliance (WSA), podría permitir que un atacante remoto autenticado acceda a información sensible de un dispositivo afectado, incluidas las credenciales de usuario. Esta vulnerabilidad se debe a una aplicación débil de las comprobaciones de autorización del back-end. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-20868
https://notcve.org/view.php?id=CVE-2022-20868
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-20867
https://notcve.org/view.php?id=CVE-2022-20867
A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileged user account. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-20798 – Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-20798
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device. Una vulnerabilidad en la funcionalidad de autenticación externa de Cisco Secure Email and Web Manager, anteriormente conocido como Cisco Security Management Appliance (SMA), y Cisco Email Security Appliance (ESA) podría permitir a un atacante remoto no autenticado saltarse la autenticación e iniciar sesión en la interfaz de administración web de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-esa-auth-bypass-66kEcxQD • CWE-287: Improper Authentication •