PT-2021-6795 · Cisco · Cisco Secure Email/Web Manager+2
Published
2021-11-02
·
Updated
2022-04-14
·
CVE-2022-20675
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Cisco Email Security Appliance (ESA) (affected versions not specified)
Cisco Web Security Appliance (WSA) (affected versions not specified)
Cisco Secure Email and Web Manager (affected versions not specified)
Description
A vulnerability in the TCP/IP stack could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Email Security Appliance
Cisco Secure Email/Web Manager
Cisco Web Security Appliance