CVE-2022-20798

Description from NVD

A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device.

Information Acquisition Date:2022-06-17T12:48Z
CVSS 2.0: 0.0 None CVSS 3.x: 9.8 CRITICAL

NVD References

 20220615 Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
     source:CISCO
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Android(1 tweets) Cisco(25 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://www.bleepingcomputer.com/news/security/cisco-secure...5
https://tools.cisco.com/security/center/content/CiscoSecuri...3

▼ Show Information from Twitter(40)


List of frequently cited URLs

URLNum of Times Referred to
www.bleepingcomputer.com5
tools.cisco.com3

▼ Show Information from Twitter(40)


GitHub Search Results: Up to 10
NameURL
No Data

GitHub Search Results: Up to 10
NameURL
No Data

2022/07/04 Score : 1
Added Har-sia Database : 2022/06/16
Last Modified : 2022/07/04
Highest Scored Date : 2022/06/16
Highest Score : 22