CVE-2023-20057
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. An attacker could exploit this vulnerability by crafting a URL in a particular way. A successful exploit could allow the attacker to bypass the URL reputation filters that are configured for an affected device, which could allow malicious URLs to pass through the device.
| CWE | CWE-792 |
| Vendor | cisco |
| Product | cisco email security appliance (esa) |
| Ecosystems | |
| Industries | NetworkingTelecommunications |
| Published | Jan 19, 2023 |
| Last Updated | Aug 2, 2024 |
Stay Ahead of the Next One
Get instant alerts for cisco cisco email security appliance (esa)
Be the first to know when new unknown vulnerabilities affecting cisco cisco email security appliance (esa) are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
None
Affected Versions
Cisco / Cisco Email Security Appliance (ESA)
All versions affected