Details of VAR-202302-1598

ID

VAR-202302-1598

CVE

CVE-2023-20009

TITLE

Cisco Systems Cisco Email Security Appliance and secure email and web manager Vulnerability in unlimited upload of dangerous types of files in

Trust: 0.8

sources: JVNDB: JVNDB-2023-003790

DESCRIPTION

A vulnerability in the Web UI and administrative CLI of the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA) could allow an authenticated remote attacker and or authenticated local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a [[privilege of operator - validate actual name]]. The vulnerability is due to the processing of a specially crafted SNMP configuration file. An attacker could exploit this vulnerability by authenticating to the targeted device and uploading a specially crafted SNMP configuration file that when uploaded could allow for the execution of commands as root. An exploit could allow the attacker to gain root access on the device. Cisco Systems Cisco Email Security Appliance and secure email and web manager Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8

Trust: 1.71

sources: NVD: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // VULMON: CVE-2023-20009

AFFECTED PRODUCTS

vendor:	cisco	model:	secure email and web manager	scope:	gte	version:	13.8.0	Trust: 1.0
vendor:	cisco	model:	secure email and web manager	scope:	lt	version:	14.2.0-224	Trust: 1.0
vendor:	cisco	model:	secure email and web manager	scope:	lt	version:	12.8.1-021	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	13.5.0	Trust: 1.0
vendor:	cisco	model:	secure email and web manager	scope:	lt	version:	13.8.1-108	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	14.2.1-020	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	14.3.0	Trust: 1.0
vendor:	cisco	model:	secure email and web manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	13.5.4-038	Trust: 1.0
vendor:	cisco	model:	secure email and web manager	scope:	gte	version:	14.3.0	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	12.5.3-041	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	13.0.5-007	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	cisco	model:	secure email and web manager	scope:	lt	version:	14.3.0-120	Trust: 1.0
vendor:	cisco	model:	email security appliance	scope:	lt	version:	14.3.0-032	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco secure email and web manager	scope:	eq	version:	13.8.0 that's all 13.8.1-108	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco email security appliance	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco secure email and web manager	scope:	eq	version:	12.8.1-021	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco secure email and web manager	scope:	eq	version:	14.3.0 that's all 14.3.0-120	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco secure email and web manager	scope:	eq	version:	14.0.0 that's all 14.2.0-224	Trust: 0.8

sources: JVNDB: JVNDB-2023-003790 // NVD: CVE-2023-20009

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-20009
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20009
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2023-20009
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202303-044
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2023-20009
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2023-20009
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	5.2
version:	3.1
Trust: 1.0
NVD:	CVE-2023-20009
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009 // NVD: CVE-2023-20009

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.0
problemtype:	CWE-434	Trust: 1.0
problemtype:	Unlimited uploads of dangerous types of files (CWE-434) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-003790 // NVD: CVE-2023-20009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202303-044

PATCH

title:	cisco-sa-esa-sma-privesc-9DVkFpJ8	url:	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8	Trust: 0.8
title:	Cisco Secure Email Fixes for code issue vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=228469	Trust: 0.6
title:	Cisco: Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-esa-sma-privesc-9DVkFpJ8	Trust: 0.1

sources: VULMON: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044

EXTERNAL IDS

db:	NVD	id:	CVE-2023-20009	Trust: 3.3
db:	JVNDB	id:	JVNDB-2023-003790	Trust: 0.8
db:	CNNVD	id:	CNNVD-202303-044	Trust: 0.6
db:	VULMON	id:	CVE-2023-20009	Trust: 0.1

sources: VULMON: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2023-20009	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-20009/	Trust: 0.6

sources: VULMON: CVE-2023-20009 // JVNDB: JVNDB-2023-003790 // CNNVD: CNNVD-202303-044 // NVD: CVE-2023-20009

SOURCES

db:	VULMON	id:	CVE-2023-20009
db:	JVNDB	id:	JVNDB-2023-003790
db:	CNNVD	id:	CNNVD-202303-044
db:	NVD	id:	CVE-2023-20009

LAST UPDATE DATE

2024-08-14T15:05:53.426000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2023-003790	date:	2023-10-13T01:03:00
db:	CNNVD	id:	CNNVD-202303-044	date:	2023-03-13T00:00:00
db:	NVD	id:	CVE-2023-20009	date:	2024-01-25T17:15:24.400

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2023-003790	date:	2023-10-13T00:00:00
db:	CNNVD	id:	CNNVD-202303-044	date:	2023-03-01T00:00:00
db:	NVD	id:	CVE-2023-20009	date:	2023-03-01T08:15:11.767