Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication

Cisco released updates on Wednesday for a significant security weakness in the Email Security Appliance and Secure Email and Web Manager that could allow an unauthenticated, remote attacker to bypass authentication. The bypass vulnerability, which has been assigned the CVE identifier CVE-2022-20798, is rated 9.8 out of 10 on the CVSS scoring system and results from faulty authentication checks when an afflicted device uses Lightweight Directory Access Protocol for external authentication.

According to Cisco, an attacker might exploit this vulnerability by submitting a certain input on the affected device’s login screen. A successful exploit could allow an attacker to obtain unauthorised access to the affected device’s web-based management interface. The weakness, which it claims was discovered while resolving a technical assistance centre (TAC) problem, affects ESA, Secure Email, and Web Manager, all of which use susceptible AsyncOS software. Read More…