ID

VAR-202302-1598


CVE

CVE-2023-20009


TITLE

Cisco Systems  Cisco Email Security Appliance  and  secure email and web manager  Vulnerability in unlimited upload of dangerous types of files in

Trust: 0.8

sources: JVNDB: JVNDB-2023-003790

DESCRIPTION

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device. Cisco Systems Cisco Email Security Appliance and secure email and web manager Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8

Trust: 1.71

sources: NVD: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // VULMON: CVE-2023-20009

AFFECTED PRODUCTS

vendor:ciscomodel:secure email and web managerscope:gteversion:13.8.0

Trust: 1.0

vendor:ciscomodel:secure email and web managerscope:ltversion:14.2.0-224

Trust: 1.0

vendor:ciscomodel:secure email and web managerscope:ltversion:12.8.1-021

Trust: 1.0

vendor:ciscomodel:email security appliancescope:gteversion:13.5.0

Trust: 1.0

vendor:ciscomodel:secure email and web managerscope:ltversion:13.8.1-108

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:14.2.1-020

Trust: 1.0

vendor:ciscomodel:email security appliancescope:gteversion:13.0.0

Trust: 1.0

vendor:ciscomodel:email security appliancescope:gteversion:14.3.0

Trust: 1.0

vendor:ciscomodel:secure email and web managerscope:gteversion:14.0.0

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:13.5.4-038

Trust: 1.0

vendor:ciscomodel:secure email and web managerscope:gteversion:14.3.0

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:12.5.3-041

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:13.0.5-007

Trust: 1.0

vendor:ciscomodel:email security appliancescope:gteversion:14.0.0

Trust: 1.0

vendor:ciscomodel:secure email and web managerscope:ltversion:14.3.0-120

Trust: 1.0

vendor:ciscomodel:email security appliancescope:ltversion:14.3.0-032

Trust: 1.0

vendor:シスコシステムズmodel:cisco secure email and web managerscope:eqversion:13.8.0 that's all 13.8.1-108

Trust: 0.8

vendor:シスコシステムズmodel:cisco email security appliancescope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco secure email and web managerscope:eqversion:12.8.1-021

Trust: 0.8

vendor:シスコシステムズmodel:cisco secure email and web managerscope:eqversion:14.3.0 that's all 14.3.0-120

Trust: 0.8

vendor:シスコシステムズmodel:cisco secure email and web managerscope:eqversion:14.0.0 that's all 14.2.0-224

Trust: 0.8

sources: JVNDB: JVNDB-2023-003790 // NVD: CVE-2023-20009

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-20009
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20009
value: MEDIUM

Trust: 1.0

NVD: CVE-2023-20009
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202303-044
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2023-20009
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2023-20009
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2023-20009
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009 // NVD: CVE-2023-20009

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.0

problemtype:CWE-434

Trust: 1.0

problemtype:Unlimited uploads of dangerous types of files (CWE-434) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-003790 // NVD: CVE-2023-20009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

PATCH

title:cisco-sa-esa-sma-privesc-9DVkFpJ8url:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8

Trust: 0.8

title:Cisco Secure Email Fixes for code issue vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=228469

Trust: 0.6

title:Cisco: Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-esa-sma-privesc-9DVkFpJ8

Trust: 0.1

sources: VULMON: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044

EXTERNAL IDS

db:NVDid:CVE-2023-20009

Trust: 3.3

db:JVNDBid:JVNDB-2023-003790

Trust: 0.8

db:CNNVDid:CNNVD-202303-044

Trust: 0.6

db:VULMONid:CVE-2023-20009

Trust: 0.1

sources: VULMON: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

REFERENCES

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2023-20009

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2023-20009/

Trust: 0.6

sources: VULMON: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

SOURCES

db:VULMONid:CVE-2023-20009
db:JVNDBid:JVNDB-2023-003790
db:CNNVDid:CNNVD-202303-044
db:NVDid:CVE-2023-20009

LAST UPDATE DATE

2024-08-14T15:05:53.426000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2023-003790date:2023-10-13T01:03:00
db:CNNVDid:CNNVD-202303-044date:2023-03-13T00:00:00
db:NVDid:CVE-2023-20009date:2024-01-25T17:15:24.400

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2023-003790date:2023-10-13T00:00:00
db:CNNVDid:CNNVD-202303-044date:2023-03-01T00:00:00
db:NVDid:CVE-2023-20009date:2023-03-01T08:15:11.767