CVE-2023-20057

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20057
A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:email_security_appliance_c160:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c170:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c190:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c370:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c370d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c380:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c390:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c670:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c680:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c690:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c690x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_x1070:-:*:*:*:*:*:*:*
History

25 Jan 2024, 17:15

Type Values Removed Values Added
CWE CWE-792

07 Nov 2023, 04:05

Type Values Removed Values Added
Summary A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device. A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.

30 Jan 2023, 21:25

Type Values Removed Values Added
CPE cpe:2.3:h:cisco:email_security_appliance_c380:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:asyncos:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c690:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_x1070:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c170:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c370d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c680:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c690x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c390:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c670:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c370:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c190:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:email_security_appliance_c160:-:*:*:*:*:*:*:*
References (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh - (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-url-bypass-WbMQqNJh - Vendor Advisory
First Time Cisco email Security Appliance C170
Cisco
Cisco email Security Appliance C390
Cisco email Security Appliance C370
Cisco email Security Appliance C690x
Cisco email Security Appliance C160
Cisco email Security Appliance C190
Cisco email Security Appliance X1070
Cisco email Security Appliance C670
Cisco email Security Appliance C380
Cisco email Security Appliance C680
Cisco email Security Appliance C370d
Cisco asyncos
Cisco email Security Appliance C690
CWE CWE-74
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3

20 Jan 2023, 07:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-01-20 07:15

Updated : 2024-01-25 17:15

NVD link : CVE-2023-20057

Mitre link : CVE-2023-20057

CVE.ORG link : CVE-2023-20057

JSON object : View

Products Affected

cisco

  • email_security_appliance_c370
  • email_security_appliance_c690x
  • asyncos
  • email_security_appliance_c390
  • email_security_appliance_c160
  • email_security_appliance_c680
  • email_security_appliance_c690
  • email_security_appliance_c190
  • email_security_appliance_c370d
  • email_security_appliance_x1070
  • email_security_appliance_c170
  • email_security_appliance_c670
  • email_security_appliance_c380
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-792

Incomplete Filtering of One or More Instances of Special Elements