Cisco Secure Email Gateway/SMA Authenticated SNMP File Upload Priv Escalation
CVE-2023-20009 Published on March 1, 2023
A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device.
Vulnerability Analysis
CVE-2023-20009 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2023-20009
stack.watch emails you whenever new vulnerabilities are published in Cisco Secure Email And Web Manager or Cisco Email Security Appliance. Just hit a watch button to start following.
Affected Versions
Cisco Secure Email:- Version 11.0.3-238 is affected.
- Version 11.1.0-069 is affected.
- Version 11.1.0-131 is affected.
- Version 11.1.0-128 is affected.
- Version 12.0.0-419 is affected.
- Version 12.1.0-071 is affected.
- Version 12.1.0-087 is affected.
- Version 12.1.0-089 is affected.
- Version 13.0.0-392 is affected.
- Version 13.5.1-277 is affected.
- Version 12.5.0-066 is affected.
- Version 14.0.0-698 is affected.
- Version 14.2.0-620 is affected.
- Version 11.0.0-115 is affected.
- Version 11.0.1-161 is affected.
- Version 11.5.1-105 is affected.
- Version 12.0.0-452 is affected.
- Version 12.0.1-011 is affected.
- Version 12.5.0-636 is affected.
- Version 12.5.0-658 is affected.
- Version 12.5.0-678 is affected.
- Version 12.5.0-670 is affected.
- Version 13.0.0-277 is affected.
- Version 13.6.2-078 is affected.
- Version 13.8.1-068 is affected.
- Version 13.8.1-074 is affected.
- Version 12.8.1-002 is affected.
- Version 14.0.0-404 is affected.
- Version 14.1.0-223 is affected.
- Version 14.1.0-227 is affected.
- Version 14.2.0-212 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.