Details of VAR-202211-0184

ID

VAR-202211-0184

CVE

CVE-2022-20960

TITLE

Cisco Systems Cisco Email Security Appliance Certificate validation vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2022-022845

DESCRIPTION

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated

Trust: 1.71

sources: NVD: CVE-2022-20960 // JVNDB: JVNDB-2022-022845 // VULHUB: VHN-405513

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	gte	version:	14.3.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	14.2.1-015	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	14.3.0-020	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	14.2.1-015	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	eq	version:	14.3.0 that's all 14.3.0-020	Trust: 0.8

sources: JVNDB: JVNDB-2022-022845 // NVD: CVE-2022-20960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20960
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20960
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-20960
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202211-1949
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-20960
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2022-20960
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022845 // CNNVD: CNNVD-202211-1949 // NVD: CVE-2022-20960 // NVD: CVE-2022-20960

PROBLEMTYPE DATA

problemtype:	CWE-295	Trust: 1.1
problemtype:	CWE-400	Trust: 1.0
problemtype:	Illegal certificate verification (CWE-295) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-405513 // JVNDB: JVNDB-2022-022845 // NVD: CVE-2022-20960

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-1949

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-202211-1949

PATCH

title:

cisco-sa-esa-dos-gdghHmbV

url:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-gdghHmbV

Trust: 0.8

sources: JVNDB: JVNDB-2022-022845

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20960	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022845	Trust: 0.8
db:	CNNVD	id:	CNNVD-202211-1949	Trust: 0.6
db:	VULHUB	id:	VHN-405513	Trust: 0.1

sources: VULHUB: VHN-405513 // JVNDB: JVNDB-2022-022845 // CNNVD: CNNVD-202211-1949 // NVD: CVE-2022-20960

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-dos-gdghhmbv	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20960	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-dos-gdghhmbv	Trust: 0.7
url:	https://vigilance.fr/vulnerability/cisco-esa-overload-via-tls-connections-39815	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-20960/	Trust: 0.6

sources: VULHUB: VHN-405513 // JVNDB: JVNDB-2022-022845 // CNNVD: CNNVD-202211-1949 // NVD: CVE-2022-20960

SOURCES

db:	VULHUB	id:	VHN-405513
db:	JVNDB	id:	JVNDB-2022-022845
db:	CNNVD	id:	CNNVD-202211-1949
db:	NVD	id:	CVE-2022-20960

LAST UPDATE DATE

2024-08-14T13:21:32.818000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405513	date:	2022-11-08T00:00:00
db:	JVNDB	id:	JVNDB-2022-022845	date:	2023-11-21T02:13:00
db:	CNNVD	id:	CNNVD-202211-1949	date:	2022-11-09T00:00:00
db:	NVD	id:	CVE-2022-20960	date:	2024-01-25T17:15:22.563

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405513	date:	2022-11-04T00:00:00
db:	JVNDB	id:	JVNDB-2022-022845	date:	2023-11-21T00:00:00
db:	CNNVD	id:	CNNVD-202211-1949	date:	2022-11-02T00:00:00
db:	NVD	id:	CVE-2022-20960	date:	2022-11-04T18:15:11.347