cisco email-security-appliance CVE-2022-20664 vulnerability in Cisco Products
Published on June 15, 2022

Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability
A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2022-20664 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
NONE
Availability Impact:
NONE

Weakness Type

Exposure of Sensitive System Information to an Unauthorized Control Sphere

The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.


Products Associated with CVE-2022-20664

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-20664 are published in these products:

Cisco Email Security Appliance
 
Cisco Secure Email And Web Manager
 

Affected Versions

Cisco Email Security Appliance (ESA) Version n/a is affected by CVE-2022-20664

Exploit Probability

EPSS
0.37%
Percentile
58.63%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.