Privilege Escalation Vulnerability in Cisco Email Security Appliance
CVE-2022-20868

4.7MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Secure Web Appliance; Cisco Secure Email; Cisco Secure Email And Web Manager
Vendor: CVE Published:; 4 November 2022

Badges

👾 Exploit Exists

What is CVE-2022-20868?

A vulnerability exists in the web-based management interface of Cisco’s Email Security Appliance, Secure Email and Web Manager, and Secure Web Appliance. This flaw allows an authenticated remote attacker to elevate their privileges by exploiting a hardcoded value utilized for encrypting tokens in certain API calls. By authenticating and sending a specially crafted HTTP request, the attacker can impersonate another legitimate user, executing commands with the authority of that user. This could pose significant risks, particularly in environments where access to sensitive information and functionalities is controlled through user privileges.

Affected Version(s)

Cisco Secure Email 13.0.0-392

Cisco Secure Email 13.5.1-277

Cisco Secure Email 14.0.0-698

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 3, 2024
Vulnerability published
Nov 4, 2022
Vulnerability Reserved
Nov 2, 2021