CVE-2022-20664

Name of the Vulnerable Software and Affected Versions Cisco Secure Email and Web Manager versions (affected versions not specified) Cisco Email Security Appliance versions (affected versions not specified)

Description A vulnerability in the web management interface could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This issue is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this by sending a crafted query through an external authentication web page, potentially gaining access to sensitive information, including user credentials from the external authentication server. To exploit this, an attacker would need valid operator-level (or higher) credentials.

Recommendations For Cisco Secure Email and Web Manager, restrict access to the external authentication web page until a fix is available. For Cisco Email Security Appliance, consider disabling the LDAP external authentication feature as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.