{"api_version":"1","generated_at":"2026-04-23T11:35:32+00:00","cve":"CVE-2022-20942","urls":{"html":"https://cve.report/CVE-2022-20942","api":"https://cve.report/api/cve/CVE-2022-20942.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-20942","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-20942"},"summary":{"title":"CVE-2022-20942","description":"A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device.","state":"PUBLIC","assigner":"psirt@cisco.com","published_at":"2022-11-04 18:15:00","updated_at":"2024-01-25 17:15:00"},"problem_types":["CWE-863"],"metrics":[],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG","name":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG","refsource":"MISC","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG","name":"cisco-sa-cnt-sec-infodiscl-BVKKnUG","refsource":"","tags":[],"title":"Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-20942","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-20942","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"20942","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"asyncos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"20942","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"secure_email_and_web_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"20942","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"secure_email_gateway","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"20942","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cisco","cpe5":"secure_web_appliance","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-20942","qid":"317259","title":"Cisco Email Security Appliance (ESA) Cisco Secure Email and Web Manager and Cisco Secure Web Appliance (WSA) Information Disclosure Vulnerability (cisco-sa-cnt-sec-infodiscl-BVKKnUG)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-20942","ASSIGNER":"psirt@cisco.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to retrieve sensitive information from an affected device, including user credentials. This vulnerability is due to weak enforcement of back-end authorization checks. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain confidential data that is stored on the affected device."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Exposure of Private Personal Information to an Unauthorized Actor"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Cisco","product":{"product_data":[{"product_name":"Cisco Web Security Appliance (WSA)","version":{"version_data":[{"version_value":"10.5.1-270","version_affected":"="},{"version_value":"10.5.1-296","version_affected":"="},{"version_value":"10.5.2-061","version_affected":"="},{"version_value":"10.5.2-072","version_affected":"="},{"version_value":"10.5.6-022","version_affected":"="},{"version_value":"10.5.3-000","version_affected":"="},{"version_value":"10.5.5-000","version_affected":"="},{"version_value":"11.5.1-124","version_affected":"="},{"version_value":"11.5.1-125","version_affected":"="},{"version_value":"11.5.1-115","version_affected":"="},{"version_value":"11.5.3-016","version_affected":"="},{"version_value":"11.5.2-000","version_affected":"="},{"version_value":"11.7.0-406","version_affected":"="},{"version_value":"11.7.0-418","version_affected":"="},{"version_value":"11.7.1-049","version_affected":"="},{"version_value":"11.7.1-006","version_affected":"="},{"version_value":"11.7.1-020","version_affected":"="},{"version_value":"11.7.2-011","version_affected":"="},{"version_value":"11.8.0-414","version_affected":"="},{"version_value":"11.8.1-023","version_affected":"="},{"version_value":"11.8.3-018","version_affected":"="},{"version_value":"11.8.3-021","version_affected":"="},{"version_value":"12.0.1-268","version_affected":"="},{"version_value":"12.0.3-007","version_affected":"="},{"version_value":"10.6.0-000","version_affected":"="},{"version_value":"12.5.2-007","version_affected":"="},{"version_value":"12.5.1-011","version_affected":"="}]}},{"product_name":"Cisco Email Security Appliance (ESA)","version":{"version_data":[{"version_value":"10.0.1-087","version_affected":"="},{"version_value":"12.0.0-419","version_affected":"="},{"version_value":"12.1.0-071","version_affected":"="},{"version_value":"12.1.0-087","version_affected":"="},{"version_value":"12.1.0-089","version_affected":"="},{"version_value":"13.0.0-392","version_affected":"="},{"version_value":"13.5.1-277","version_affected":"="},{"version_value":"12.5.0-066","version_affected":"="},{"version_value":"14.0.0-698","version_affected":"="},{"version_value":"14.2.0-620","version_affected":"="}]}},{"product_name":"Cisco Content Security Management Appliance (SMA)","version":{"version_data":[{"version_value":"11.0.0-115","version_affected":"="},{"version_value":"11.0.1-161","version_affected":"="},{"version_value":"11.0.4-000","version_affected":"="},{"version_value":"11.5.1-105","version_affected":"="},{"version_value":"12.0.0-452","version_affected":"="},{"version_value":"12.0.1-011","version_affected":"="},{"version_value":"12.5.0-636","version_affected":"="},{"version_value":"12.5.0-658","version_affected":"="},{"version_value":"12.5.0-678","version_affected":"="},{"version_value":"12.5.0-670","version_affected":"="},{"version_value":"13.0.0-277","version_affected":"="},{"version_value":"13.6.2-078","version_affected":"="},{"version_value":"13.8.1-068","version_affected":"="},{"version_value":"13.8.1-074","version_affected":"="},{"version_value":"12.8.1-002","version_affected":"="},{"version_value":"14.0.0-404","version_affected":"="},{"version_value":"14.1.0-223","version_affected":"="},{"version_value":"14.1.0-227","version_affected":"="},{"version_value":"14.2.0-212","version_affected":"="}]}}]}}]}},"references":{"reference_data":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG","refsource":"MISC","name":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnt-sec-infodiscl-BVKKnUG"}]},"source":{"advisory":"cisco-sa-cnt-sec-infodiscl-BVKKnUG","discovery":"INTERNAL","defects":["CSCwc43106","CSCwc43102","CSCwc43104"]},"exploit":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"impact":{"cvss":[{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}]}},"nvd":{"publishedDate":"2022-11-04 18:15:00","lastModifiedDate":"2024-01-25 17:15:00","problem_types":["CWE-863"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.1-015","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.3.0","versionEndExcluding":"14.3.0-023","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:cisco:secure_email_gateway:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0-217","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.3.0","versionEndExcluding":"14.3.0-115","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.5-011","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndExcluding":"12.5.4-005","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.0.2-012","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"20942","Ordinal":"220205","Title":"CVE-2022-20942","CVE":"CVE-2022-20942","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"20942","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}