Vulnerability Name:

CVE-2022-20664 (CCN-228952)

Assigned:2021-11-02
Published:2022-06-15
Updated:2022-06-27
Summary:A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials.
CVSS v3 Severity:7.7 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
6.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
7.7 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
6.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2022-20664

Source: XF
Type: UNKNOWN
cisco-cve202220664-info-disc(228952)

Source: CCN
Type: Cisco Security Advisory cisco-sa-esasma-info-dsc-Q9tLuOvM
Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability

Source: CISCO
Type: Vendor Advisory
20220615 Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:email_security_appliance:*:*:*:*:*:*:*:* (Version < 14.0.2-020)
  • OR cpe:/a:cisco:secure_email_and_web_manager:*:*:*:*:*:*:*:* (Version < 13.6.2-090)
  • OR cpe:/a:cisco:secure_email_and_web_manager:*:*:*:*:*:*:*:* (Version >= 14.1 and < 14.1.0-227)

    • Configuration CCN 1:
  • cpe:/a:cisco:email_security_appliance:-:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco email security appliance *
    cisco secure email and web manager *
    cisco secure email and web manager *
    cisco email security appliance -
    cisco secure email and web manager -