cisco-sa-cnt-sec-infodiscl-BVKKnUG: Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability
First published: Wed Nov 02 2022(Updated: )
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see Meet Cisco Secure.
Credit: Sam Coleman SECFORCE
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco AsyncOS | =14.3<14.3.0-0232>=12.0 and earlier=13.0=14.0=14.1<=14.2<14.2.1-015 | 14.3.0-0232 14.2.1-015 |
| Cisco AsyncOS | =14.3<14.3.0-1152>=12.0 and earlier=13.0=14.0=14.1<=14.2<14.2.0-217 | 14.3.0-1152 14.2.0-217 |
| Cisco AsyncOS | =14.0<14.0.2-012=12.5<12.5.4-005>=11.0 and earlier<=12.0<12.0.5-011 | 14.0.2-012 12.5.4-005 12.0.5-011 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-cnt-sec-infodiscl-BVKKnUG?
The severity of cisco-sa-cnt-sec-infodiscl-BVKKnUG is medium with a severity value of 6.5.
Which Cisco products are affected by cisco-sa-cnt-sec-infodiscl-BVKKnUG?
Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance (formerly known as Cisco Web Security Appliance (WSA)) are affected by cisco-sa-cnt-sec-infodiscl-BVKKnUG.
How can an attacker exploit cisco-sa-cnt-sec-infodiscl-BVKKnUG?
An authenticated, remote attacker can exploit cisco-sa-cnt-sec-infodiscl-BVKKnUG to retrieve sensitive information from the web-based management interface.
What are the affected versions of Cisco AsyncOS for cisco-sa-cnt-sec-infodiscl-BVKKnUG?
The affected versions of Cisco AsyncOS for cisco-sa-cnt-sec-infodiscl-BVKKnUG are 14.3.0-0232, 14.2.1-015, 14.3.0-1152, 14.2.0-217, 14.0.2-012, 12.5.4-005, and 12.0.5-011.
Where can I find more information about cisco-sa-cnt-sec-infodiscl-BVKKnUG?
You can find more information about cisco-sa-cnt-sec-infodiscl-BVKKnUG on the Cisco Security Advisory page: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG
- collector/cisco-advisory
- agent/title
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/cisco
- canonical/cisco asyncos
- version/cisco asyncos/14.3
- version/cisco asyncos/12.0 and earlier
- version/cisco asyncos/13.0
- version/cisco asyncos/14.0
- version/cisco asyncos/14.1
- version/cisco asyncos/14.2
- version/cisco asyncos/12.5
- version/cisco asyncos/11.0 and earlier
- version/cisco asyncos/12.0