3 matches found
CVE-2022-20868
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit thi...
CVE-2022-20868
creationtimestamp| type| source ---|---|--- 2022-11-07 13:16:19+00:00| seen| https://t.me/truesecator/3668 2022-11-20 09:20:58+00:00| published-proof-of-concept| https://t.me/breachdetector/145331...
CVE-2022-20868
CVE-2022-20868 affects Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance. The root cause is a hardcoded value used to encrypt a token for certain API calls, enabling an authenticated, remote attacker with valid credentials to impersonate anot...