2 matches found
CVE-2022-20664
CVE-2022-20664 affects Cisco Secure Email and Web Manager (SMA) and Cisco Email Security Appliance (ESA). The issue is an information-disclosure vulnerability in the web management interface caused by insufficient input sanitization when querying an external LDAP authentication server. An authent...
CVE-2023-20009
CVE-2023-20009 affects Cisco’s Web UI and administrative CLI on the Cisco Secure Email Gateway (ESA) and Cisco Secure Email and Web Manager (SMA). The issue stems from processing of a specially crafted SNMP configuration file, which, if uploaded by an authenticated user with at least operator pri...