Vulnerabilities > CVE-2022-20738 - Unspecified vulnerability in Cisco Umbrella Secure web Gateway

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cisco

critical

NVD

Published: 2022-02-10

Updated: 2023-11-07

Summary

A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote attacker to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vulnerability by downloading a crafted payload through specific methods. A successful exploit could allow the attacker to bypass file inspection protections and download a malicious payload.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Umbrella Secure WEB Gateway -	1

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swg-fbyps-3z4qT7p