Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication (Security News, June 2022)

Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication.
Assigned the CVE identifier CVE-2022-20798, the bypass vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring system and stems from improper authentication checks when an affected device uses Lightweight Directory Access Protocol for external authentication.
"An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device," Cisco noted in an advisory.
"A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device."
The flaw, which Cisco said was identified during the resolution of a technical assistance center case, impacts ESA and Secure Email and Web Manager running vulnerable AsyncOS software versions 11 and earlier, 12, 12.x, 13, 13.x, 14, and 14.x, and only when the following two conditions are met -.
Separately, Cisco also notified customers of another critical flaw affecting its Small Business RV110W, RV130, RV130W, and RV215W routers that could allow an unauthenticated, remote adversary to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service condition.
News URL: https://thehackernews.com/2022/06/critical-flaw-in-cisco-secure-email-and.html
Related Vulnerability

| Date | CVE | Vulnerability title | Risk (CVSS) |
|---|---|---|---|
| 2022-06-15 | CVE-2022-20798 | Improper Authentication vulnerability in Cisco products: a vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. | 9.8 |