CVE-2022-20664 – Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-20664
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasma-info-dsc-Q9tLuOvM • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2021-1561 – Cisco Secure Email and Web Manager Spam Quarantine Unauthorized Access Vulnerability
https://notcve.org/view.php?id=CVE-2021-1561
A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This vulnerability exists because access to the spam quarantine feature is not properly restricted. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to modify another user's spam quarantine settings, possibly disabling security controls or viewing email messages stored on the spam quarantine interfaces. Una vulnerabilidad en la funcionalidad spam quarantine de Cisco Secure Email and Web Manager, anteriormente Cisco Security Management Appliance (SMA), podría permitir a un atacante autenticado remoto conseguir acceso no autorizado y modificar la configuración de spam quarantine de otro usuario. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-spam-jPxUXMk • CWE-287: Improper Authentication CWE-302: Authentication Bypass by Assumed-Immutable Data •