Home SecurityNetwork Security Cisco reports vulnerabilities in products including email and web manager

Cisco reports vulnerabilities in products including email and web manager

Source Link

Cisco has issued alerts for a vulnerability found in its email security and web management products that could allow an authenticated remote actor to retrieve sensitive information from an affected device.

An advisory issued by Cisco this week outlined that the vulnerability—detected in the web management interface of Cisco Secure Email and Web Manager, known formerly as Cisco Security Management Appliance (CSMA), and Cisco Email Security Appliance (ESA)—allows an authenticated actor to extract sensitive information through a Lightweight Directory Access Protocol (LDAP) server connected to the affected device.

This vulnerability is due to a design oversight in the querying process, according to Cisco. LDAP is an external authentication protocol for accessing and maintaining distributed directory information services on the public internet or corporate intranet.

No public exploitation discovered (yet)

The vulnerability was found during internal security testing and until the time of publishing the advisory Tuesday Cisco’s team was unaware of any public announcement or exploitation of the vulnerability, the company said.

According to the advisory, the vulnerability has received a 7.7 CVSS score and has no workarounds. The vulnerability, with bug IDs CSCvz20942 and CSCvz40090 for virtual and hardware appliances, respectively, can be exploited provided they:

  • Are running a vulnerable release of Cisco AsyncOS Software
  • Are configured to use external authentication
  • Are using LDAP as an authentication protocol

The external authentication is disabled by default and can be checked by navigating to System administration>Users> External authentication.

Copyright © 2022 IDG Communications, Inc.

Related Articles

Leave a Comment