Cisco is reporting security vulnerabilities in its Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management products. Attackers could perform a SQL injection attack or gain root privileges. Updates are available.
Multiple vulnerabilities in the next-generation UI management interface for Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an attacker to elevate privileges or to perform a SQL injection attack and gain root privileges.
Security vulnerability updates from Cisco
- CVE-2022-20868 affects Cisco ESA and Cisco Secure Email and Web Manager.
- CVE-2022-20867 affects Cisco ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
CVE-2022-20867
Cisco ESA and Cisco Secure Email and Web Manager Next Generation Management SQL Injection Vulnerability
A vulnerability in the next-generation UI management interface of Cisco ESA and Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to perform SQL injection attacks as root on an affected system. To exploit this vulnerability, an attacker would need the credentials of a highly privileged user account.
This vulnerability is due to improper verification of the parameters submitted by the user. An attacker could exploit this vulnerability by authenticating against the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain or modify data stored in the underlying database of the affected system.
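The advisory attributes CVE-2022-20867 to improper verification of user-supplied parameters. The following Python is an added illustration, not code from Cisco or from the advisory: it puts the weak pattern (splicing a request parameter into the SQL text) next to the fix (allowlist validation plus bound parameters) and runs both against a constructed in-memory SQLite table. The table, column and function names (`quarantine`, `owner`, `vulnerable_lookup`, `safe_lookup`) are invented for this example and say nothing about the product's real schema.

```python
import re
import sqlite3

# Constructed sample table standing in for an appliance's backing store;
# names and rows are made up for this example.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE quarantine (msg_id TEXT, owner TEXT, subject TEXT)")
    conn.executemany(
        "INSERT INTO quarantine VALUES (?, ?, ?)",
        [("m-001", "alice", "Q3 report"), ("m-002", "bob", "invoice"), ("m-003", "alice", "lunch")],
    )
    return conn

def vulnerable_lookup(conn: sqlite3.Connection, owner: str) -> list:
    # Weak pattern: the request parameter is spliced into the SQL text, so a
    # quote character in it changes the structure of the query itself.
    sql = f"SELECT msg_id FROM quarantine WHERE owner = '{owner}'"
    return sorted(row[0] for row in conn.execute(sql))

# Allowlist describing what an owner identifier may look like in this hypothetical API.
OWNER_RE = re.compile(r"[a-z0-9._-]{1,64}")

def owner_is_valid(owner: str) -> bool:
    return OWNER_RE.fullmatch(owner) is not None

def parameterized_only_lookup(conn: sqlite3.Connection, owner: str) -> list:
    # Binding alone is enough to stop the structural change: the driver passes
    # the value to the engine as data, never as SQL.
    rows = conn.execute("SELECT msg_id FROM quarantine WHERE owner = ?", (owner,))
    return sorted(row[0] for row in rows)

def safe_lookup(conn: sqlite3.Connection, owner: str) -> list:
    # Hardened pattern: reject anything outside the allowlist (gives a clear,
    # loggable error), then bind the value as a parameter (defence in depth).
    if not owner_is_valid(owner):
        raise ValueError("invalid owner parameter")
    return parameterized_only_lookup(conn, owner)
```

With the sample table, `vulnerable_lookup(conn, "bob")` and `safe_lookup(conn, "bob")` both return `["m-002"]`; a parameter containing a quote makes the concatenated query return every row, while the bound version returns nothing and the validated version refuses the request before any query runs. The rejection is also the event worth logging: a well-formed API should never see such a value from a legitimate client.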
Security Impact Rating (SIR): High; CVSS base score: 4.7
CVE-2022-20868
Cisco ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management Privilege Escalation Vulnerability
A vulnerability in the next-generation UI management interface of Cisco ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system.
This vulnerability is due to the use of a hard-coded value to encrypt a token used for certain API calls. An attacker could exploit this vulnerability by authenticating to an affected device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and run commands with that user account's privileges.
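CVE-2022-20868 is described as a hard-coded value used to protect a token for API calls. The added Python below is not Cisco's code and does not reproduce the product's token format; it uses an HMAC tag rather than the encryption the advisory names, as a substitute mechanism with the same key-management property. It shows the defender's view of the weakness: two installations that share a build-time constant accept each other's tokens, whereas installations keyed with a per-deployment random secret do not. `HARDCODED_KEY`, `TokenIssuer`, `new_installation_key` and `cross_install_accepts` are names invented for the example.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Constructed stand-in for a secret compiled into every build. This is the
# weakness being illustrated, not a value from any real product.
HARDCODED_KEY = b"example-build-constant-do-not-ship"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

class TokenIssuer:
    """Mints and checks HMAC-tagged API tokens for one installation."""

    def __init__(self, key: bytes) -> None:
        self.key = key

    def mint(self, user: str, ttl: int = 300, now: Optional[int] = None) -> str:
        now = int(time.time()) if now is None else now
        body = json.dumps({"sub": user, "exp": now + ttl}, separators=(",", ":")).encode()
        tag = hmac.new(self.key, body, hashlib.sha256).digest()
        return _b64(body) + "." + _b64(tag)

    def verify(self, token: str, now: Optional[int] = None) -> Optional[str]:
        """Return the subject if the tag and expiry check out, otherwise None."""
        try:
            body_part, tag_part = token.split(".")
            body = base64.urlsafe_b64decode(body_part)
            tag = base64.urlsafe_b64decode(tag_part)
        except ValueError:  # malformed token (binascii.Error is a ValueError)
            return None
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return None
        claims = json.loads(body)
        now = int(time.time()) if now is None else now
        if claims["exp"] <= now:
            return None
        return claims["sub"]

def new_installation_key() -> bytes:
    """Per-deployment secret: generated at install time, stored outside the code."""
    return secrets.token_bytes(32)

def cross_install_accepts(key_a: bytes, key_b: bytes, user: str = "admin") -> bool:
    """Does an installation keyed with key_b accept a token minted under key_a?"""
    return TokenIssuer(key_b).verify(TokenIssuer(key_a).mint(user)) == user
```

`cross_install_accepts(HARDCODED_KEY, HARDCODED_KEY)` is true: with a shared constant, any party that has one copy of the software holds the key for every deployment, which is what turns a token check into a user-impersonation path. With `new_installation_key()` on each side the same call is false. The remediation pattern is therefore operational as much as cryptographic: generate the secret per installation, keep it out of the shipped image, and rotate it if a device's configuration is ever exposed.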
Security Impact Rating (SIR): Medium; CVSS base score: 5.4
More at Cisco.com
About Cisco
Cisco is the world's leading technology company that makes the Internet possible. Cisco is opening new possibilities for applications, data security, infrastructure transformation and the empowerment of teams for a global and inclusive future.