Details of VAR-202204-1101

ID

VAR-202204-1101

CVE

CVE-2022-20784

TITLE

Cisco Web Security Appliance Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-010074

DESCRIPTION

A vulnerability in the Web-Based Reputation Score (WBRS) engine of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass established web request policies and access blocked content on an affected device. This vulnerability is due to incorrect handling of certain character combinations inserted into a URL. An attacker could exploit this vulnerability by sending crafted URLs to be processed by an affected device. A successful exploit could allow the attacker to bypass the web proxy and access web content that has been blocked by policy

Trust: 1.71

sources: NVD: CVE-2022-20784 // JVNDB: JVNDB-2022-010074 // VULMON: CVE-2022-20784

AFFECTED PRODUCTS

vendor:	cisco	model:	web security appliance	scope:	lt	version:	14.0.2	Trust: 1.0
vendor:	cisco	model:	web security appliance	scope:	gte	version:	11.7.0	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco web セキュリティアプライアンス	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco web セキュリティアプライアンス	scope:	eq	version:	cisco web security appliance	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco web セキュリティアプライアンス	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-010074 // NVD: CVE-2022-20784

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20784
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20784
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-20784
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202204-2469
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2022-20784
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-20784
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2022-20784
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20784
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2022-20784
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2022-20784 // JVNDB: JVNDB-2022-010074 // CNNVD: CNNVD-202204-2469 // NVD: CVE-2022-20784 // NVD: CVE-2022-20784

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.0
problemtype:	Inappropriate input confirmation (CWE-20) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-010074 // NVD: CVE-2022-20784

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-2469

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202204-2469

PATCH

title:	cisco-sa-swa-filter-bypass-XXXTU3X	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-filter-bypass-XXXTU3X	Trust: 0.8
title:	Cisco: Cisco Web Security Appliance Filter Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-swa-filter-bypass-XXXTU3X	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-20784 // JVNDB: JVNDB-2022-010074

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20784	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-010074	Trust: 0.8
db:	CS-HELP	id:	SB2022040625	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-2469	Trust: 0.6
db:	VULMON	id:	CVE-2022-20784	Trust: 0.1

sources: VULMON: CVE-2022-20784 // JVNDB: JVNDB-2022-010074 // CNNVD: CNNVD-202204-2469 // NVD: CVE-2022-20784

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-swa-filter-bypass-xxxtu3x	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20784	Trust: 0.8
url:	https://vigilance.fr/vulnerability/cisco-wsa-egress-filtrering-bypass-via-wbrs-37991	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022040625	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-20784/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULMON: CVE-2022-20784 // JVNDB: JVNDB-2022-010074 // CNNVD: CNNVD-202204-2469 // NVD: CVE-2022-20784

SOURCES

db:	VULMON	id:	CVE-2022-20784
db:	JVNDB	id:	JVNDB-2022-010074
db:	CNNVD	id:	CNNVD-202204-2469
db:	NVD	id:	CVE-2022-20784

LAST UPDATE DATE

2024-11-23T21:32:35.205000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2022-20784	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2022-010074	date:	2023-08-10T06:08:00
db:	CNNVD	id:	CNNVD-202204-2469	date:	2022-04-15T00:00:00
db:	NVD	id:	CVE-2022-20784	date:	2024-11-21T06:43:33.007

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2022-20784	date:	2022-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2022-010074	date:	2023-08-10T00:00:00
db:	CNNVD	id:	CNNVD-202204-2469	date:	2022-04-06T00:00:00
db:	NVD	id:	CVE-2022-20784	date:	2022-04-06T18:15:08.783