ID

VAR-202302-1598


CVE

CVE-2023-20009


TITLE

Cisco Secure Email Code problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

DESCRIPTION

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and/or an authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that, when uploaded, could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8

Trust: 0.99

sources: NVD: CVE-2023-20009 // VULMON: CVE-2023-20009

AFFECTED PRODUCTS

vendor: cisco // model: email security appliance // scope: gte // version: 14.3.0

Trust: 1.0

vendor: cisco // model: email security appliance // scope: gte // version: 14.0.0

Trust: 1.0

vendor: cisco // model: email security appliance // scope: lt // version: 13.0.5-007

Trust: 1.0

vendor: cisco // model: email security appliance // scope: lt // version: 13.5.4-038

Trust: 1.0

vendor: cisco // model: email security appliance // scope: lt // version: 14.2.1-020

Trust: 1.0

vendor: cisco // model: email security appliance // scope: lt // version: 12.5.3-041

Trust: 1.0

vendor: cisco // model: email security appliance // scope: gte // version: 13.5.0

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: gte // version: 13.8.0

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: lt // version: 13.8.1-108

Trust: 1.0

vendor: cisco // model: email security appliance // scope: gte // version: 13.0.0

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: gte // version: 14.3.0

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: lt // version: 12.8.1-021

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: gte // version: 14.0.0

Trust: 1.0

vendor: cisco // model: email security appliance // scope: lt // version: 14.3.0-032

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: lt // version: 14.2.0-224

Trust: 1.0

vendor: cisco // model: secure email and web manager // scope: lt // version: 14.3.0-120

Trust: 1.0

sources: NVD: CVE-2023-20009

CVSS

SEVERITY

NVD: CVE-2023-20009
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202303-044
value: HIGH

Trust: 0.6

CVSSV2

CVSSV3

NVD: CVE-2023-20009
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

PROBLEMTYPE DATA

problemtype:CWE-434

Trust: 1.0

sources: NVD: CVE-2023-20009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

CONFIGURATIONS

sources: NVD: CVE-2023-20009

PATCH

title: Cisco Secure Email Fixes for code issue vulnerabilities // url: http://123.124.177.30/web/xxk/bdxqbyid.tag?id=228469

Trust: 0.6

title: Cisco: Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilities // url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-esa-sma-privesc-9dvkfpj8

Trust: 0.1

sources: VULMON: CVE-2023-20009 // CNNVD: CNNVD-202303-044

EXTERNAL IDS

db: NVD // id: CVE-2023-20009

Trust: 1.7

db: CNNVD // id: CNNVD-202303-044

Trust: 0.6

db: VULMON // id: CVE-2023-20009

Trust: 0.1

sources: VULMON: CVE-2023-20009 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

REFERENCES

url: https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8

Trust: 1.7

url: https://cxsecurity.com/cveshow/cve-2023-20009/

Trust: 0.6

sources: VULMON: CVE-2023-20009 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

SOURCES

db: VULMON // id: CVE-2023-20009
db: CNNVD // id: CNNVD-202303-044
db: NVD // id: CVE-2023-20009

LAST UPDATE DATE

2023-03-13T23:02:32.703000+00:00


SOURCES UPDATE DATE

db: CNNVD // id: CNNVD-202303-044 // date: 2023-03-13T00:00:00
db: NVD // id: CVE-2023-20009 // date: 2023-03-10T16:54:00

SOURCES RELEASE DATE

db: CNNVD // id: CNNVD-202303-044 // date: 2023-03-01T00:00:00
db: NVD // id: CVE-2023-20009 // date: 2023-03-01T08:15:00