CVE-2022-20798

Name of the Vulnerable Software and Affected Versions Cisco Secure Email and Web Manager versions (affected versions not specified)

Description A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager is related to improper authentication checks when using Lightweight Directory Access Protocol (LDAP) for external authentication. This could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.