CVE-2022-20952

Summary

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Web Appliance11.8.0-414affected
CiscoCisco Secure Web Appliance11.8.1-023affected
CiscoCisco Secure Web Appliance11.8.3-018affected
CiscoCisco Secure Web Appliance11.8.3-021affected
CiscoCisco Secure Web Appliance12.0.1-268affected
CiscoCisco Secure Web Appliance12.0.3-007affected
CiscoCisco Secure Web Appliance12.5.2-007affected
CiscoCisco Secure Web Appliance12.5.1-011affected
CiscoCisco Secure Web Appliance12.5.4-005affected
CiscoCisco Secure Web Appliance12.5.5-004affected
CiscoCisco Secure Web Appliance14.5.0-498affected
CiscoCisco Secure Web Appliance14.0.3-014affected
CiscoCisco Secure Web Appliance14.0.2-012affected

Weaknesses

  • CWE-20: Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References