All the vulnerabilites related to Cisco - Cisco Secure Email and Web Manager
cve-2024-20383
Vulnerability from cvelistv5
Published
2024-05-15 17:59
Modified
2024-08-01 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Crosswork NSO CLI and the ConfD CLI could allow an authenticated, low-privileged, local attacker to elevate privileges to root on the underlying operating system.
The vulnerability is due to an incorrect privilege assignment when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Secure Email and Web Manager |
Version: 9.0.0-087 Version: 11.0.0-115 Version: 11.0.1-161 Version: 11.5.1-105 Version: 12.0.0-452 Version: 12.0.1-011 Version: 12.5.0-636 Version: 12.5.0-658 Version: 12.5.0-678 Version: 12.5.0-670 Version: 13.0.0-277 Version: 13.6.2-078 Version: 13.8.1-068 Version: 13.8.1-074 Version: 13.8.1-108 Version: 12.8.1-002 Version: 12.8.1-021 Version: 14.0.0-404 Version: 14.1.0-223 Version: 14.1.0-227 Version: 14.2.0-212 Version: 14.2.0-224 Version: 14.2.1-020 Version: 14.3.0-120 Version: 15.0.0-334 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20383", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-16T18:50:56.053580Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:40:43.042Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:42.314Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "9.0.0-087" }, { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "13.8.1-108" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "12.8.1-021" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" }, { "status": "affected", "version": "14.2.0-224" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-120" }, { "status": "affected", "version": "15.0.0-334" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Cisco Crosswork NSO CLI and the ConfD CLI could allow an authenticated, low-privileged, local attacker to elevate privileges to root on the underlying operating system.\r\n\r The vulnerability is due to an incorrect privilege assignment when specific CLI commands are used. An attacker could exploit this vulnerability by executing an affected CLI command. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-15T18:13:46.829Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "source": { "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "defects": [ "CSCwi59618" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20383", "datePublished": "2024-05-15T17:59:49.921Z", "dateReserved": "2023-11-08T15:08:07.658Z", "dateUpdated": "2024-08-01T21:59:42.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20258
Vulnerability from cvelistv5
Published
2024-05-15 17:32
Modified
2024-08-01 21:52
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Email |
Version: 11.0.3-238 Version: 11.1.0-069 Version: 11.1.0-131 Version: 11.1.0-128 Version: 12.0.0-419 Version: 12.1.0-071 Version: 12.1.0-087 Version: 12.1.0-089 Version: 13.0.0-392 Version: 13.0.5-007 Version: 13.5.1-277 Version: 13.5.4-038 Version: 12.5.0-066 Version: 12.5.4-041 Version: 12.5.3-041 Version: 14.0.0-698 Version: 14.2.0-620 Version: 14.2.1-020 Version: 14.3.0-032 Version: 15.0.0-104 Version: 15.0.1-030 Version: 15.5.0-048 |
||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:secure_email:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "secure_email", "vendor": "cisco", "versions": [ { "lessThanOrEqual": "15.5.0-048", "status": "affected", "version": "11.0.3-238", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "secure_email_and_web_manager", "vendor": "cisco", "versions": [ { "lessThanOrEqual": "15.0.0-334", "status": "affected", "version": "9.0.0-087", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20258", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-16T17:18:20.336833Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:40:25.043Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:52:31.784Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.0.3-238" }, { "status": "affected", "version": "11.1.0-069" }, { "status": "affected", "version": "11.1.0-131" }, { "status": "affected", "version": "11.1.0-128" }, { "status": "affected", "version": "12.0.0-419" }, { "status": "affected", "version": "12.1.0-071" }, { "status": "affected", "version": "12.1.0-087" }, { "status": "affected", "version": "12.1.0-089" }, { "status": "affected", "version": "13.0.0-392" }, { "status": "affected", "version": "13.0.5-007" }, { "status": "affected", "version": "13.5.1-277" }, { "status": "affected", "version": "13.5.4-038" }, { "status": "affected", "version": "12.5.0-066" }, { "status": "affected", "version": "12.5.4-041" }, { "status": "affected", "version": "12.5.3-041" }, { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-032" }, { "status": "affected", "version": "15.0.0-104" }, { "status": "affected", "version": "15.0.1-030" }, { "status": "affected", "version": "15.5.0-048" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "9.0.0-087" }, { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "13.8.1-108" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "12.8.1-021" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" }, { "status": "affected", "version": "14.2.0-224" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-120" }, { "status": "affected", "version": "15.0.0-334" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-15T17:32:16.125Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "source": { "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "defects": [ "CSCwf84882", "CSCwj12619", "CSCwf93368" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20258", "datePublished": "2024-05-15T17:32:16.125Z", "dateReserved": "2023-11-08T15:08:07.623Z", "dateUpdated": "2024-08-01T21:52:31.784Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20504
Vulnerability from cvelistv5
Published
2024-11-06 16:29
Modified
2024-11-06 17:05
Severity ?
EPSS score ?
Summary
Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Email |
Version: 14.0.0-698 Version: 14.2.0-620 Version: 14.2.1-020 Version: 14.3.0-032 Version: 15.0.0-104 Version: 15.0.1-030 Version: 15.5.0-048 Version: 15.5.1-055 |
||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20504", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-06T17:05:32.372312Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-06T17:05:40.097Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-032" }, { "status": "affected", "version": "15.0.0-104" }, { "status": "affected", "version": "15.0.1-030" }, { "status": "affected", "version": "15.5.0-048" }, { "status": "affected", "version": "15.5.1-055" } ] }, { "defaultStatus": "unknown", "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" }, { "status": "affected", "version": "14.2.0-224" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-120" }, { "status": "affected", "version": "15.0.0-334" }, { "status": "affected", "version": "15.5.1-024" }, { "status": "affected", "version": "15.5.1-029" } ] }, { "defaultStatus": "unknown", "product": "Cisco Secure Web Appliance", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "14.1.0-032" }, { "status": "affected", "version": "14.1.0-047" }, { "status": "affected", "version": "14.1.0-041" }, { "status": "affected", "version": "14.0.2-012" }, { "status": "affected", "version": "14.5.0-498" }, { "status": "affected", "version": "14.0.3-014" }, { "status": "affected", "version": "14.0.4-005" }, { "status": "affected", "version": "14.5.1-008" }, { "status": "affected", "version": "14.5.1-016" }, { "status": "affected", "version": "15.0.0-355" }, { "status": "affected", "version": "15.0.0-322" }, { "status": "affected", "version": "15.1.0-287" }, { "status": "affected", "version": "14.5.2-011" }, { "status": "affected", "version": "15.2.0-116" }, { "status": "affected", "version": "14.0.5-007" }, { "status": "affected", "version": "15.2.0-164" }, { "status": "affected", "version": "14.5.1-510" }, { "status": "affected", "version": "14.5.1-607" }, { "status": "affected", "version": "14.5.3-033" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-80", "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-06T16:29:37.791Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-wsa-sma-xss-zYm3f49n", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n" } ], "source": { "advisory": "cisco-sa-esa-wsa-sma-xss-zYm3f49n", "defects": [ "CSCwj72814" ], "discovery": "EXTERNAL" }, "title": "Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20504", "datePublished": "2024-11-06T16:29:37.791Z", "dateReserved": "2023-11-08T15:08:07.687Z", "dateUpdated": "2024-11-06T17:05:40.097Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20119
Vulnerability from cvelistv5
Published
2023-06-28 00:00
Modified
2024-11-21 21:41
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Secure Email and Web Manager |
Version: 11.0.0-115 Version: 11.0.1-161 Version: 11.5.1-105 Version: 12.0.0-452 Version: 12.0.1-011 Version: 12.5.0-636 Version: 12.5.0-658 Version: 12.5.0-678 Version: 12.5.0-670 Version: 13.0.0-277 Version: 13.6.2-078 Version: 13.8.1-068 Version: 13.8.1-074 Version: 13.8.1-108 Version: 12.8.1-002 Version: 12.8.1-021 Version: 14.0.0-404 Version: 14.1.0-223 Version: 14.1.0-227 Version: 14.2.0-212 Version: 14.2.0-224 Version: 14.2.1-020 Version: 14.3.0-120 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:57:36.063Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-20119", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-30T15:42:48.824595Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-21T21:41:13.822Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "13.8.1-108" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "12.8.1-021" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" }, { "status": "affected", "version": "14.2.0-224" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-120" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:47.107Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq" } ], "source": { "advisory": "cisco-sa-esa-sma-wsa-xss-cP9DuEmq", "defects": [ "CSCwe12624" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20119", "datePublished": "2023-06-28T00:00:00", "dateReserved": "2022-10-27T00:00:00", "dateUpdated": "2024-11-21T21:41:13.822Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20009
Vulnerability from cvelistv5
Published
2023-02-16 15:25
Modified
2024-08-02 08:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]].
The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Email |
Version: 11.0.3-238 Version: 11.1.0-069 Version: 11.1.0-131 Version: 11.1.0-128 Version: 12.0.0-419 Version: 12.1.0-071 Version: 12.1.0-087 Version: 12.1.0-089 Version: 13.0.0-392 Version: 13.5.1-277 Version: 12.5.0-066 Version: 14.0.0-698 Version: 14.2.0-620 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:57:35.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.0.3-238" }, { "status": "affected", "version": "11.1.0-069" }, { "status": "affected", "version": "11.1.0-131" }, { "status": "affected", "version": "11.1.0-128" }, { "status": "affected", "version": "12.0.0-419" }, { "status": "affected", "version": "12.1.0-071" }, { "status": "affected", "version": "12.1.0-087" }, { "status": "affected", "version": "12.1.0-089" }, { "status": "affected", "version": "13.0.0-392" }, { "status": "affected", "version": "13.5.1-277" }, { "status": "affected", "version": "12.5.0-066" }, { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]].\r\n\r The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "Improper Input Validation", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:30.327Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-privesc-9DVkFpJ8", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8" } ], "source": { "advisory": "cisco-sa-esa-sma-privesc-9DVkFpJ8", "defects": [ "CSCwd29901", "CSCwd29905" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20009", "datePublished": "2023-02-16T15:25:13.820Z", "dateReserved": "2022-10-27T18:47:50.307Z", "dateUpdated": "2024-08-02T08:57:35.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20942
Vulnerability from cvelistv5
Published
2022-11-03 19:30
Modified
2024-08-03 02:31
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.
This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Web Appliance |
Version: 11.7.0-406 Version: 11.7.0-418 Version: 11.7.1-049 Version: 11.7.1-006 Version: 11.7.1-020 Version: 11.7.2-011 Version: 11.8.0-414 Version: 11.8.1-023 Version: 11.8.3-018 Version: 11.8.3-021 Version: 12.0.1-268 Version: 12.0.3-007 Version: 12.5.2-007 Version: 12.5.1-011 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:31:59.271Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Secure Web Appliance", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.7.0-406" }, { "status": "affected", "version": "11.7.0-418" }, { "status": "affected", "version": "11.7.1-049" }, { "status": "affected", "version": "11.7.1-006" }, { "status": "affected", "version": "11.7.1-020" }, { "status": "affected", "version": "11.7.2-011" }, { "status": "affected", "version": "11.8.0-414" }, { "status": "affected", "version": "11.8.1-023" }, { "status": "affected", "version": "11.8.3-018" }, { "status": "affected", "version": "11.8.3-021" }, { "status": "affected", "version": "12.0.1-268" }, { "status": "affected", "version": "12.0.3-007" }, { "status": "affected", "version": "12.5.2-007" }, { "status": "affected", "version": "12.5.1-011" } ] }, { "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.0.3-238" }, { "status": "affected", "version": "11.1.0-069" }, { "status": "affected", "version": "11.1.0-131" }, { "status": "affected", "version": "11.1.0-128" }, { "status": "affected", "version": "12.0.0-419" }, { "status": "affected", "version": "12.1.0-071" }, { "status": "affected", "version": "12.1.0-087" }, { "status": "affected", "version": "12.1.0-089" }, { "status": "affected", "version": "13.0.0-392" }, { "status": "affected", "version": "13.5.1-277" }, { "status": "affected", "version": "12.5.0-066" }, { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials.\r\n\r This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-359", "description": "Exposure of Private Personal Information to an Unauthorized Actor", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:18.446Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-cnt-sec-infodiscl-BVKKnUG", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG" } ], "source": { "advisory": "cisco-sa-cnt-sec-infodiscl-BVKKnUG", "defects": [ "CSCwc43106", "CSCwc43102", "CSCwc43104" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20942", "datePublished": "2022-11-03T19:30:36.424Z", "dateReserved": "2021-11-02T13:28:29.193Z", "dateUpdated": "2024-08-03T02:31:59.271Z", "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20868
Vulnerability from cvelistv5
Published
2022-11-03 19:29
Modified
2024-08-03 02:24
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability.
This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Web Appliance |
Version: 11.8.0-414 Version: 11.8.1-023 Version: 11.8.3-018 Version: 11.8.3-021 Version: 12.0.1-268 Version: 12.0.3-007 Version: 12.5.2-007 Version: 12.5.1-011 Version: 12.5.4-005 Version: 14.5.0-498 Version: 14.0.2-012 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:24:50.239Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco Secure Web Appliance", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.8.0-414" }, { "status": "affected", "version": "11.8.1-023" }, { "status": "affected", "version": "11.8.3-018" }, { "status": "affected", "version": "11.8.3-021" }, { "status": "affected", "version": "12.0.1-268" }, { "status": "affected", "version": "12.0.3-007" }, { "status": "affected", "version": "12.5.2-007" }, { "status": "affected", "version": "12.5.1-011" }, { "status": "affected", "version": "12.5.4-005" }, { "status": "affected", "version": "14.5.0-498" }, { "status": "affected", "version": "14.0.2-012" } ] }, { "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "13.0.0-392" }, { "status": "affected", "version": "13.5.1-277" }, { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability. \r\n\r\nThis vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.\r\n" } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-321", "description": "Use of Hard-coded Cryptographic Key", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:11.853Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD" } ], "source": { "advisory": "cisco-sa-esasmawsa-vulns-YRuSW5mD", "defects": [ "CSCwc12181", "CSCwc12183", "CSCwc12184" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20868", "datePublished": "2022-11-03T19:29:31.722Z", "dateReserved": "2021-11-02T13:28:29.182Z", "dateUpdated": "2024-08-03T02:24:50.239Z", "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20256
Vulnerability from cvelistv5
Published
2024-05-15 17:56
Modified
2024-08-15 15:29
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Web Appliance |
Version: 11.7.0-406 Version: 11.7.0-418 Version: 11.7.1-049 Version: 11.7.1-006 Version: 11.7.1-020 Version: 11.7.2-011 Version: 11.8.0-414 Version: 11.8.1-023 Version: 11.8.3-018 Version: 11.8.3-021 Version: 12.0.1-268 Version: 12.0.3-007 Version: 12.5.2-007 Version: 12.5.1-011 Version: 12.5.4-005 Version: 12.5.5-004 Version: 12.5.6-008 Version: 14.5.0-498 Version: 14.5.1-016 Version: 14.0.3-014 Version: 14.0.2-012 Version: 14.0.4-005 Version: 15.0.0-322 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T21:52:31.613Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2024-20256", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-15T18:47:15.332751Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-15T15:29:20.282Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Secure Web Appliance", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "11.7.0-406" }, { "status": "affected", "version": "11.7.0-418" }, { "status": "affected", "version": "11.7.1-049" }, { "status": "affected", "version": "11.7.1-006" }, { "status": "affected", "version": "11.7.1-020" }, { "status": "affected", "version": "11.7.2-011" }, { "status": "affected", "version": "11.8.0-414" }, { "status": "affected", "version": "11.8.1-023" }, { "status": "affected", "version": "11.8.3-018" }, { "status": "affected", "version": "11.8.3-021" }, { "status": "affected", "version": "12.0.1-268" }, { "status": "affected", "version": "12.0.3-007" }, { "status": "affected", "version": "12.5.2-007" }, { "status": "affected", "version": "12.5.1-011" }, { "status": "affected", "version": "12.5.4-005" }, { "status": "affected", "version": "12.5.5-004" }, { "status": "affected", "version": "12.5.6-008" }, { "status": "affected", "version": "14.5.0-498" }, { "status": "affected", "version": "14.5.1-016" }, { "status": "affected", "version": "14.0.3-014" }, { "status": "affected", "version": "14.0.2-012" }, { "status": "affected", "version": "14.0.4-005" }, { "status": "affected", "version": "15.0.0-322" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "9.0.0-087" }, { "status": "affected", "version": "11.0.0-115" }, { "status": "affected", "version": "11.0.1-161" }, { "status": "affected", "version": "11.5.1-105" }, { "status": "affected", "version": "12.0.0-452" }, { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "13.8.1-108" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "12.8.1-021" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" }, { "status": "affected", "version": "14.2.0-224" }, { "status": "affected", "version": "14.2.1-020" }, { "status": "affected", "version": "14.3.0-120" }, { "status": "affected", "version": "15.0.0-334" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web Appliance could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.\r\n\rThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-15T17:56:38.074Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-bgG5WHOD" } ], "source": { "advisory": "cisco-sa-esa-sma-wsa-xss-bgG5WHOD", "defects": [ "CSCwe88788", "CSCwe91887" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20256", "datePublished": "2024-05-15T17:56:38.074Z", "dateReserved": "2023-11-08T15:08:07.623Z", "dateUpdated": "2024-08-15T15:29:20.282Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1425
Vulnerability from cvelistv5
Published
2024-11-18 15:36
Modified
2024-11-18 15:58
Severity ?
EPSS score ?
Summary
Cisco Cisco Email Security Appliance and Content Security Management Appliance Information Disclosure Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Cisco | Cisco Secure Email and Web Manager |
Version: N/A |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-1425", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-18T15:58:03.148324Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-18T15:58:19.973Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "N/A" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;AsyncOS Software for Cisco\u0026nbsp;Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device.\r\nThe vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." } ], "exploits": [ { "lang": "en", "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-201", "description": "Exposure of Sensitive Information Through Sent Data", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-18T15:36:48.271Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esa-sma-info-disclo-VOu2GHbZ", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ" } ], "source": { "advisory": "cisco-sa-esa-sma-info-disclo-VOu2GHbZ", "defects": [ "CSCvw39308" ], "discovery": "EXTERNAL" }, "title": "Cisco Cisco Email Security Appliance and Content Security Management Appliance Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1425", "datePublished": "2024-11-18T15:36:48.271Z", "dateReserved": "2020-11-13T00:00:00.000Z", "dateUpdated": "2024-11-18T15:58:19.973Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20772
Vulnerability from cvelistv5
Published
2022-11-03 19:32
Modified
2024-10-25 16:04
Severity ?
EPSS score ?
Summary
A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack.
This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Email |
Version: 13.5.1-277 Version: 14.0.0-698 Version: 14.2.0-620 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:24:49.623Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-ESA-HTTP-Inject-nvsycUmR", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-20772", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-25T14:36:51.994449Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-25T16:04:54.024Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "13.5.1-277" }, { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" }, { "status": "affected", "version": "14.2.0-212" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack.\r\n\r This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-113", "description": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:07.057Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-ESA-HTTP-Inject-nvsycUmR", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-HTTP-Inject-nvsycUmR" } ], "source": { "advisory": "cisco-sa-ESA-HTTP-Inject-nvsycUmR", "defects": [ "CSCwa84908", "CSCvz24026" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20772", "datePublished": "2022-11-03T19:32:24.728Z", "dateReserved": "2021-11-02T13:28:29.103Z", "dateUpdated": "2024-10-25T16:04:54.024Z", "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20867
Vulnerability from cvelistv5
Published
2022-11-03 19:28
Modified
2024-11-20 14:32
Severity ?
EPSS score ?
Summary
A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileged user account.
This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system.
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Cisco | Cisco Secure Email |
Version: 13.0.0-392 Version: 13.5.1-277 Version: 12.5.0-066 Version: 14.0.0-698 Version: 14.2.0-620 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:24:50.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-20867", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-29T20:30:59.948121Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-20T14:32:35.941Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Secure Email", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "13.0.0-392" }, { "status": "affected", "version": "13.5.1-277" }, { "status": "affected", "version": "12.5.0-066" }, { "status": "affected", "version": "14.0.0-698" }, { "status": "affected", "version": "14.2.0-620" } ] }, { "product": "Cisco Secure Email and Web Manager", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "12.0.1-011" }, { "status": "affected", "version": "12.5.0-636" }, { "status": "affected", "version": "12.5.0-658" }, { "status": "affected", "version": "12.5.0-678" }, { "status": "affected", "version": "12.5.0-670" }, { "status": "affected", "version": "13.0.0-277" }, { "status": "affected", "version": "13.6.2-078" }, { "status": "affected", "version": "13.8.1-068" }, { "status": "affected", "version": "13.8.1-074" }, { "status": "affected", "version": "12.8.1-002" }, { "status": "affected", "version": "14.0.0-404" }, { "status": "affected", "version": "14.1.0-223" }, { "status": "affected", "version": "14.1.0-227" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in web-based management interface of the of Cisco Email Security Appliance and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct SQL injection attacks as root on an affected system. The attacker must have the credentials of a high-privileged user account. \r\n\r This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system.\r\n" } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:11.549Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-esasmawsa-vulns-YRuSW5mD", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasmawsa-vulns-YRuSW5mD" } ], "source": { "advisory": "cisco-sa-esasmawsa-vulns-YRuSW5mD", "defects": [ "CSCwc12185", "CSCwc12186" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20867", "datePublished": "2022-11-03T19:28:53.428Z", "dateReserved": "2021-11-02T13:28:29.182Z", "dateUpdated": "2024-11-20T14:32:35.941Z", "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }