Details of VAR-202302-1614

ID

VAR-202302-1614

CVE

CVE-2023-20075

TITLE

Cisco Systems Cisco Email Security Appliance In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-005122

DESCRIPTION

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. Cisco Systems Cisco Email Security Appliance for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8

Trust: 1.71

sources: NVD: CVE-2023-20075 // JVNDB: JVNDB-2023-005122 // VULMON: CVE-2023-20075

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	gte	version:	13.5.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	12.5.3-041	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	13.0.5-007	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	14.3.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	14.3.0-032	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	14.2.1-020	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	12.5.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	13.5.4-038	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	14.3.0 that's all 14.3.0-032	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	12.5.0 that's all 12.5.3-041	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	13.0.0 that's all 13.0.5-007	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	14.0.0 that's all 14.2.1-020	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	13.5.0 that's all 13.5.4-038	Trust: 0.8

sources: JVNDB: JVNDB-2023-005122 // NVD: CVE-2023-20075

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2023-20075
value:	MEDIUM
Trust: 1.8
ykramarz@cisco.com:	CVE-2023-20075
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202303-052
value:	MEDIUM
Trust: 0.6

NVD:
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:
baseSeverity:	MEDIUM
baseScore:	6.0
vectorString:	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	0.8
impactScore:	5.2
version:	3.1
Trust: 1.0
NVD:	CVE-2023-20075
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-005122 // CNNVD: CNNVD-202303-052 // NVD: CVE-2023-20075 // NVD: CVE-2023-20075

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.0
problemtype:	OS Command injection (CWE-78) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-005122 // NVD: CVE-2023-20075

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202303-052

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202303-052

CONFIGURATIONS

sources: NVD: CVE-2023-20075

PATCH

title:	cisco-sa-esa-sma-privesc-9DVkFpJ8	url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8	Trust: 0.8
title:	Cisco Secure Email Fixes for operating system command injection vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqbyid.tag?id=228696	Trust: 0.6
title:	Cisco: Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-esa-sma-privesc-9dvkfpj8	Trust: 0.1

sources: VULMON: CVE-2023-20075 // JVNDB: JVNDB-2023-005122 // CNNVD: CNNVD-202303-052

EXTERNAL IDS

db:	NVD	id:	CVE-2023-20075	Trust: 3.3
db:	JVNDB	id:	JVNDB-2023-005122	Trust: 0.8
db:	CNNVD	id:	CNNVD-202303-052	Trust: 0.6
db:	VULMON	id:	CVE-2023-20075	Trust: 0.1

sources: VULMON: CVE-2023-20075 // JVNDB: JVNDB-2023-005122 // CNNVD: CNNVD-202303-052 // NVD: CVE-2023-20075

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2023-20075	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-20075/	Trust: 0.6

sources: VULMON: CVE-2023-20075 // JVNDB: JVNDB-2023-005122 // CNNVD: CNNVD-202303-052 // NVD: CVE-2023-20075

SOURCES

db:	VULMON	id:	CVE-2023-20075
db:	JVNDB	id:	JVNDB-2023-005122
db:	CNNVD	id:	CNNVD-202303-052
db:	NVD	id:	CVE-2023-20075

LAST UPDATE DATE

2024-01-29T19:36:07.218000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2023-005122	date:	2023-11-06T07:52:00
db:	CNNVD	id:	CNNVD-202303-052	date:	2023-03-14T00:00:00
db:	NVD	id:	CVE-2023-20075	date:	2024-01-25T17:15:28.767

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2023-005122	date:	2023-11-06T00:00:00
db:	CNNVD	id:	CNNVD-202303-052	date:	2023-03-01T00:00:00
db:	NVD	id:	CVE-2023-20075	date:	2023-03-01T08:15:12.283