CVE-2022-20772 — HTTP Request/Response Splitting in Cisco Email Security Appliance Firmware

CWE-113 — HTTP Request/Response Splitting CWE-74 — Injection4 documents4 sources

Severity

5.3MEDIUMNVD

CNA4.7

EPSS

0.4%

top 39.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Email Security Appliance Firmware Cisco Secure Email AND WEB Manager Firmware Cisco Secure Email +1 more

Timeline

PublishedNov 4

Description

A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. This vulnerability is due to the failure of the application or its environment to properly sanitize input values. An attacker could exploit this vulnerability by injecting malicious HTTP headers, controlling the response body, or splitting the response into multiple responses.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶NVDcisco/email_security_appliance_firmware13.5.1 — 14.0.3-015+2

▶NVDcisco/secure_email_and_web_manager_firmware14.2 — 14.2.0-217+1

▶CVEListV5cisco/cisco_secure_email_and_web_manager4 versions+3

▶CVEListV5cisco/cisco_secure_email13.5.1-277, 14.0.0-698, 14.2.0-620+2

🔴Vulnerability Details

GHSA

GHSA-9p6x-p535-c54c: A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to cond↗2022-11-04

▶

CVEList

CVE-2022-20772: A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to cond↗2022-11-03

▶

📋Vendor Advisories

Cisco

Cisco Email Security Appliance and Cisco Secure Email and Web Manager HTTP Response Header Injection Vulnerability↗2022-11-02

▶