CVE-2022-20675

Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.

Una vulnerabilidad en la pila TCP/IP de Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA) y Cisco Secure Email and Web Manager, anteriormente Security Management Appliance, podría permitir a un atacante remoto no autenticado bloquear el Servicio del Protocolo Simple de Administrador de Redes (SNMP), resultando en una situación de denegación de servicio (DoS). Esta vulnerabilidad es debido a una escucha de puerto abierta en el puerto TCP 199. Un atacante podría explotar esta vulnerabilidad al conectarse al puerto TCP 199. Una explotación con éxito podría permitir al atacante bloquear el servicio SNMP, resultando en una condición de DoS

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2021-11-02 CVE Reserved
2022-04-06 CVE Published
2024-11-06 CVE Updated
2024-11-10 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-248: Uncaught Exception

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-SNMP-JLAJksWK	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Asyncos Search vendor "Cisco" for product "Asyncos"	>= 14.0 < 14.02.0-020 Search vendor "Cisco" for product "Asyncos" and version " >= 14.0 < 14.02.0-020"	-	Affected	in	Cisco Search vendor "Cisco"	Email Security Appliance Search vendor "Cisco" for product "Email Security Appliance"	-	-	Safe
Cisco Search vendor "Cisco"	Asyncos Search vendor "Cisco" for product "Asyncos"	>= 12.5 < 14.1.0-239 Search vendor "Cisco" for product "Asyncos" and version " >= 12.5 < 14.1.0-239"	-	Affected	in	Cisco Search vendor "Cisco"	Secure Email And Web Manager Search vendor "Cisco" for product "Secure Email And Web Manager"	-	-	Safe
Cisco Search vendor "Cisco"	Asyncos Search vendor "Cisco" for product "Asyncos"	>= 12.0 < 14.0.2-012 Search vendor "Cisco" for product "Asyncos" and version " >= 12.0 < 14.0.2-012"	-	Affected	in	Cisco Search vendor "Cisco"	Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance"	-	-	Safe