cisco email-security-appliance CVE-2022-20798 vulnerability in Cisco Products
Published on June 15, 2022

Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2022-20798 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is an authentification Vulnerability?

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

CVE-2022-20798 has been classified to as an authentification vulnerability or weakness.


Products Associated with CVE-2022-20798

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-20798 are published in these products:

Cisco Email Security Appliance
 
Cisco Secure Email And Web Manager
 

Affected Versions

Cisco Email Security Appliance (ESA) Version n/a is affected by CVE-2022-20798

Exploit Probability

EPSS
1.31%
Percentile
79.55%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.