SB2022061590 - Authentication bypass in Cisco Email Security Appliance and Cisco Secure Email and Web Manager
Published: June 15, 2022
Security Bulletin ID
SB2022061590
CSH Severity
Critical
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Improper Authentication (CVE-ID: CVE-2022-20798)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error improper authentication checks when using the Lightweight Directory Access Protocol (LDAP) for external authentication. A remote non-authenticated attacker can bypass specially crafted data to the login page of the affected device, bypass the authenticated process and gain unauthorized access to the system.
Remediation
Install update from vendor's website.