CVE-2022-20868

Summary

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit this vulnerability.

This vulnerability is due to the use of a hardcoded value to encrypt a token used for certain APIs calls . An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to impersonate another valid user and execute commands with the privileges of that user account.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Web Appliance11.8.0-414affected
CiscoCisco Secure Web Appliance11.8.1-023affected
CiscoCisco Secure Web Appliance11.8.3-018affected
CiscoCisco Secure Web Appliance11.8.3-021affected
CiscoCisco Secure Web Appliance12.0.1-268affected
CiscoCisco Secure Web Appliance12.0.3-007affected
CiscoCisco Secure Web Appliance12.5.2-007affected
CiscoCisco Secure Web Appliance12.5.1-011affected
CiscoCisco Secure Web Appliance12.5.4-005affected
CiscoCisco Secure Web Appliance14.5.0-498affected
CiscoCisco Secure Web Appliance14.0.2-012affected
CiscoCisco Secure Email13.0.0-392affected
CiscoCisco Secure Email13.5.1-277affected
CiscoCisco Secure Email14.0.0-698affected
CiscoCisco Secure Email14.2.0-620affected
CiscoCisco Secure Email and Web Manager12.0.0-452affected
CiscoCisco Secure Email and Web Manager12.0.1-011affected
CiscoCisco Secure Email and Web Manager12.5.0-636affected
CiscoCisco Secure Email and Web Manager12.5.0-658affected
CiscoCisco Secure Email and Web Manager12.5.0-678affected
CiscoCisco Secure Email and Web Manager12.5.0-670affected
CiscoCisco Secure Email and Web Manager13.0.0-277affected
CiscoCisco Secure Email and Web Manager13.6.2-078affected
CiscoCisco Secure Email and Web Manager13.8.1-068affected
CiscoCisco Secure Email and Web Manager13.8.1-074affected
CiscoCisco Secure Email and Web Manager12.8.1-002affected
CiscoCisco Secure Email and Web Manager14.0.0-404affected
CiscoCisco Secure Email and Web Manager14.1.0-223affected
CiscoCisco Secure Email and Web Manager14.1.0-227affected

Weaknesses

  • CWE-321: Use of Hard-coded Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

References