VAR-202302-1614
Vulnerability from variot - Updated: 2024-01-29 19:36Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands.
These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. Cisco Systems Cisco Email Security Appliance for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202302-1614",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "email security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "13.5.0"
},
{
"model": "email security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5.3-041"
},
{
"model": "email security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0.0"
},
{
"model": "email security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "13.0.5-007"
},
{
"model": "email security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.3.0"
},
{
"model": "email security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "13.0.0"
},
{
"model": "email security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "14.3.0-032"
},
{
"model": "email security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "14.2.1-020"
},
{
"model": "email security appliance",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5.0"
},
{
"model": "email security appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "13.5.4-038"
},
{
"model": "cisco email security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "14.3.0 that\u0027s all 14.3.0-032"
},
{
"model": "cisco email security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "12.5.0 that\u0027s all 12.5.3-041"
},
{
"model": "cisco email security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "13.0.0 that\u0027s all 13.0.5-007"
},
{
"model": "cisco email security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco email security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "14.0.0 that\u0027s all 14.2.1-020"
},
{
"model": "cisco email security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "13.5.0 that\u0027s all 13.5.4-038"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.3.0-032",
"versionStartIncluding": "14.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.2.1-020",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.5.4-038",
"versionStartIncluding": "13.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.0.5-007",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:email_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.5.3-041",
"versionStartIncluding": "12.5.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"cve": "CVE-2023-20075",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ykramarz@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-20075",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-20075",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2023-20075",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-052",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands. \r\n\r These vulnerability is due to improper input validation in the CLI. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. Cisco Systems Cisco Email Security Appliance for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \nFor more information about these vulnerabilities, see the Details section of this advisory. \nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. \nThis advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-20075"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "VULMON",
"id": "CVE-2023-20075"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-20075",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005122",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202303-052",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-20075",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-20075"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"id": "VAR-202302-1614",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43892258
},
"last_update_date": "2024-01-29T19:36:07.218000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-esa-sma-privesc-9DVkFpJ8",
"trust": 0.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8"
},
{
"title": "Cisco Secure Email Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=228696"
},
{
"title": "Cisco: Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-esa-sma-privesc-9dvkfpj8"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-20075"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-esa-sma-privesc-9dvkfpj8"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20075"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-20075/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-20075"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-20075"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
},
{
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"date": "2023-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-052"
},
{
"date": "2023-03-01T08:15:12.283000",
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-06T07:52:00",
"db": "JVNDB",
"id": "JVNDB-2023-005122"
},
{
"date": "2023-03-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-052"
},
{
"date": "2024-01-25T17:15:28.767000",
"db": "NVD",
"id": "CVE-2023-20075"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Systems \u00a0Cisco\u00a0Email\u00a0Security\u00a0Appliance\u00a0 In \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005122"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-052"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…