Rewterz Threat Advisory – Multiple Cisco Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-20653 

Cisco Email Security Appliance is vulnerable to a denial of service, caused by insufficient error handling in DNS name resolution. By sending specially crafted email messages, a remote attacker could exploit this vulnerability to prevent users from logging in to the affected device.

CVE-2022-20659 

Cisco Prime Infrastructure and Evolved Programmable Network Manager are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to execute a script in a victim’s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-20750 

Cisco Redundancy Configuration Manager for Cisco StarOS Software is vulnerable to a denial of service, caused by improper input validation of an ingress TCP packet. By sending specially crafted packets, a remote attacker could exploit this vulnerability to restart the process.

Impact

• Denial of Service
• Cross-Site Scripting

Indicators of Compromise

CVE

• CVE-2022-20653
• CVE-2022-20659
• CVE-2022-20750

Affected Vendors

Cisco

Affected Products

• Cisco Email Security Appliance
• Cisco Prime Infrastructure
• Cisco Evolved Programmable Network Manager
• Cisco Redundancy Configuration Manager for Cisco StarOS Software

Remediation

Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.

Cisco Email Security Appliance

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-MxZvGtgU
Cisco Prime Infrastructure and Evolved Programmable Network Manager

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-P8fBz2FW
Cisco Redundancy Configuration Manager