2 matches found
CVE-2022-20942
A vulnerability in the web-based management interface of Cisco Email Security Appliance ESA, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance WSA, could allow an authenticated, remote attacker to retrieve sensitive information from...
CVE-2022-20942
CVE-2022-20942 concerns information disclosure in Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance (formerly WSA). The issue stems from weak enforcement of back-end authorization checks, allowing an authenticated, remote attacker to obtain s...