CVE-2023-20009

🗓️ 16 Feb 2023 15:25:13Reported by ciscoType

CVE-2023-20009: Cisco Secure Email Gateway and Web Manager Privilege Escalatio

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2023-20009	17 Feb 202316:30	–	circl
Tenable Nessus	Cisco Email Security Appliance PrivEsc (cisco-sa-esa-sma-privesc-9DVkFpJ8)	22 Feb 202300:00	–	nessus
Tenable Nessus	Cisco Secure Email and Web Manager PrivEsc (cisco-sa-esa-sma-privesc-9DVkFpJ8)	22 Feb 202300:00	–	nessus
Cisco	Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilities	15 Feb 202316:00	–	cisco
CNNVD	Cisco Secure Email 代码问题漏洞	1 Mar 202300:00	–	cnnvd
Cvelist	CVE-2023-20009	16 Feb 202315:25	–	cvelist
EUVD	EUVD-2023-24188	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco Email Security Appliance (ESA) and Secure Email and Web Manager.	24 Feb 202300:00	–	ncsc
NVD	CVE-2023-20009	1 Mar 202308:15	–	nvd
OSV	CVE-2023-20009	1 Mar 202308:15	–	osv

NVD

Node

cisco email_security_applianceRange<12.5.3-041

cisco email_security_applianceRange13.0.0–13.0.5-007

cisco email_security_applianceRange13.5.0–13.5.4-038

cisco email_security_applianceRange14.0.0–14.2.1-020

cisco email_security_applianceRange14.3.0–14.3.0-032

cisco secure_email_and_web_managerRange<12.8.1-021

cisco secure_email_and_web_managerRange13.8.0–13.8.1-108

cisco secure_email_and_web_managerRange14.0.0–14.2.0-224

cisco secure_email_and_web_managerRange14.3.0–14.3.0-120

[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email",
    "versions": [
      {
        "version": "11.0.3-238",
        "status": "affected"
      },
      {
        "version": "11.1.0-069",
        "status": "affected"
      },
      {
        "version": "11.1.0-131",
        "status": "affected"
      },
      {
        "version": "11.1.0-128",
        "status": "affected"
      },
      {
        "version": "12.0.0-419",
        "status": "affected"
      },
      {
        "version": "12.1.0-071",
        "status": "affected"
      },
      {
        "version": "12.1.0-087",
        "status": "affected"
      },
      {
        "version": "12.1.0-089",
        "status": "affected"
      },
      {
        "version": "13.0.0-392",
        "status": "affected"
      },
      {
        "version": "13.5.1-277",
        "status": "affected"
      },
      {
        "version": "12.5.0-066",
        "status": "affected"
      },
      {
        "version": "14.0.0-698",
        "status": "affected"
      },
      {
        "version": "14.2.0-620",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email and Web Manager",
    "versions": [
      {
        "version": "11.0.0-115",
        "status": "affected"
      },
      {
        "version": "11.0.1-161",
        "status": "affected"
      },
      {
        "version": "11.5.1-105",
        "status": "affected"
      },
      {
        "version": "12.0.0-452",
        "status": "affected"
      },
      {
        "version": "12.0.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.0-636",
        "status": "affected"
      },
      {
        "version": "12.5.0-658",
        "status": "affected"
      },
      {
        "version": "12.5.0-678",
        "status": "affected"
      },
      {
        "version": "12.5.0-670",
        "status": "affected"
      },
      {
        "version": "13.0.0-277",
        "status": "affected"
      },
      {
        "version": "13.6.2-078",
        "status": "affected"
      },
      {
        "version": "13.8.1-068",
        "status": "affected"
      },
      {
        "version": "13.8.1-074",
        "status": "affected"
      },
      {
        "version": "12.8.1-002",
        "status": "affected"
      },
      {
        "version": "14.0.0-404",
        "status": "affected"
      },
      {
        "version": "14.1.0-223",
        "status": "affected"
      },
      {
        "version": "14.1.0-227",
        "status": "affected"
      },
      {
        "version": "14.2.0-212",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-privesc-9DVkFpJ8

21 Nov 2024 07:40Current

7.3High risk

Vulners AI Score7.3

CVSS 3.16.5 - 7.2

EPSS0.0031