ID

VAR-202211-0184


CVE

CVE-2022-20960


TITLE

Cisco Systems  Cisco Email Security Appliance  Certificate validation vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2022-022845

DESCRIPTION

A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated

Trust: 1.71

sources: NVD: CVE-2022-20960 // JVNDB: JVNDB-2022-022845 // VULHUB: VHN-405513

AFFECTED PRODUCTS

vendor:ciscomodel:email security appliancescope:gteversion:14.3.0

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:14.2.1-015

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:14.3.0-020

Trust: 1.0

vendor:シスコシステムズmodel:cisco email security appliancescope:eqversion:14.2.1-015

Trust: 0.8

vendor:シスコシステムズmodel:cisco email security appliancescope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco email security appliancescope:eqversion:14.3.0 that's all 14.3.0-020

Trust: 0.8

sources: JVNDB: JVNDB-2022-022845 // NVD: CVE-2022-20960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20960
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20960
value: HIGH

Trust: 1.0

NVD: CVE-2022-20960
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202211-1949
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-20960
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2022-20960
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-022845 // CNNVD: CNNVD-202211-1949 // NVD: CVE-2022-20960 // NVD: CVE-2022-20960

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.1

problemtype:CWE-400

Trust: 1.0

problemtype:Illegal certificate verification (CWE-295) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405513 // JVNDB: JVNDB-2022-022845 // NVD: CVE-2022-20960

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-1949

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-202211-1949

PATCH

title:cisco-sa-esa-dos-gdghHmbVurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-gdghHmbV

Trust: 0.8

sources: JVNDB: JVNDB-2022-022845

EXTERNAL IDS

db:NVDid:CVE-2022-20960

Trust: 3.3

db:JVNDBid:JVNDB-2022-022845

Trust: 0.8

db:CNNVDid:CNNVD-202211-1949

Trust: 0.6

db:VULHUBid:VHN-405513

Trust: 0.1

sources: VULHUB: VHN-405513 // JVNDB: JVNDB-2022-022845 // CNNVD: CNNVD-202211-1949 // NVD: CVE-2022-20960

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-dos-gdghhmbv

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2022-20960

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-dos-gdghhmbv

Trust: 0.7

url:https://vigilance.fr/vulnerability/cisco-esa-overload-via-tls-connections-39815

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20960/

Trust: 0.6

sources: VULHUB: VHN-405513 // JVNDB: JVNDB-2022-022845 // CNNVD: CNNVD-202211-1949 // NVD: CVE-2022-20960

SOURCES

db:VULHUBid:VHN-405513
db:JVNDBid:JVNDB-2022-022845
db:CNNVDid:CNNVD-202211-1949
db:NVDid:CVE-2022-20960

LAST UPDATE DATE

2024-08-14T13:21:32.818000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405513date:2022-11-08T00:00:00
db:JVNDBid:JVNDB-2022-022845date:2023-11-21T02:13:00
db:CNNVDid:CNNVD-202211-1949date:2022-11-09T00:00:00
db:NVDid:CVE-2022-20960date:2024-01-25T17:15:22.563

SOURCES RELEASE DATE

db:VULHUBid:VHN-405513date:2022-11-04T00:00:00
db:JVNDBid:JVNDB-2022-022845date:2023-11-21T00:00:00
db:CNNVDid:CNNVD-202211-1949date:2022-11-02T00:00:00
db:NVDid:CVE-2022-20960date:2022-11-04T18:15:11.347