Privilege Escalation in Cisco Secure Email Gateway and Manager
CVE-2023-20009

7.2HIGH

Key Information:

Vendor: Cisco
Status: Cisco Secure Email; Cisco Secure Email and Web Manager
Vendor: CVE Published:; 1 March 2023

Summary

A vulnerability exists within the Web UI and administrative CLI of Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA). This security flaw enables both authenticated local and remote attackers to escalate their privileges, potentially gaining root access on the device. The issue arises from the mishandling of specially crafted SNMP configuration files. To exploit this vulnerability, an attacker must have valid user credentials with operational privileges. Once authenticated, the attacker can upload a malicious SNMP configuration file that could allow for the execution of commands as root, thereby compromising the device's integrity.

Affected Version(s)

Cisco Secure Email 11.0.3-238

Cisco Secure Email 11.1.0-069

Cisco Secure Email 11.1.0-131

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 1, 2023
Vulnerability Reserved
Oct 27, 2022