Monday, December 23, 2024
HomeCyber Security NewsCisco AsyncOS Software Flaw Let Remote Hackers Launch XSS Attack

Cisco AsyncOS Software Flaw Let Remote Hackers Launch XSS Attack

Published on

SIEM as a Service

Cisco AsyncOS Software, used by Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (previously Cisco Email Security Appliance; ESA), and Cisco Secure Web Appliance (WSA), has multiple flaws in its web-based management interface.

The vulnerabilities could allow a remote attacker to launch cross-site scripting (XSS) attack against a user of the interface.

What is XSS Attack?

Cross-site scripting (XSS) is an attack that lets hackers inject malicious javascript into the application or the website code.

- Advertisement - SIEM as a Service

When user input is not properly sanitized before being used in the generated output, a web page or web app becomes vulnerable to cross-site scripting attacks.

Cisco AsyncOS Software Flaw

Cisco said that “the vulnerabilities are independent of one another, exploiting one of the vulnerabilities is unnecessary before attempting to exploit another. “

Also, “a software release that is vulnerable to one of the vulnerabilities may not be vulnerable to the others,” Cisco added.

Products Affected

CVE-2023-20119: Cisco Secure Email and Web Manager – Reflected XSS

CVE-2023-20120: Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance – Stored XSS.

CVE-2023-20028: Cisco Secure Email and Web Manager and Cisco Secure Web Appliance – Stored XSS.

CVE-2023-20119: Cisco Secure Email and Web Manager

An unauthenticated, remote attacker could execute an XSS attack against a user of the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager due to a vulnerability.

Insufficient user input validation is the cause of this vulnerability. A user of a vulnerable interface could be tricked into clicking a forged link by an attacker.

 A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

CVE-2023-20120: Cisco Secure Email, Web Manager & Web Appliance

This vulnerability could allow an authenticated remote attacker to conduct an XSS attack against a user of the interface.

It is also an insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link.

If the exploit is effective, the attacker may be able to access private browser-based data or run arbitrary script code in the context of the exploited interface.

CVE-2023-20028: Cisco Secure Email, Web Manager, & Web Appliance

This vulnerability could also be able to allow an authenticated remote attacker to conduct an XSS attack against a user of the interface due to insufficient user input validation.

A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Updates & Workarounds

Cisco said there are no workarounds available to address these vulnerabilities, and users are recommended to consider software updates. According to PSIRT, there is no active exploitation of the vulnerability recorded.

Patches Released

Cisco released patches to fix the vulnerability;

Secure Email and Web Manager

Secure Email Gateway

Secure Web Appliance

“AI-based email security measures Protect your business From Email Threats!” – .

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

North Korean Hackers Stolen $2.2 Billion from Crypto Platforms in 2024

North Korean hackers are estimated to have stolen a staggering $2.2 billion in 2024,...

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

A staggering 17 million patient records, containing sensitive personal and medical information, have been...

WhatsApp Wins NSO in Pegasus Spyware Hacking Lawsuit After 5 Years

After a prolonged legal battle stretching over five years, WhatsApp has triumphed over NSO...

PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool

GBHackers come across a new ChatGPT-powered Penetration testing Tool called "PentestGPT" that helps penetration...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

North Korean Hackers Stolen $2.2 Billion from Crypto Platforms in 2024

North Korean hackers are estimated to have stolen a staggering $2.2 billion in 2024,...

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

A staggering 17 million patient records, containing sensitive personal and medical information, have been...

WhatsApp Wins NSO in Pegasus Spyware Hacking Lawsuit After 5 Years

After a prolonged legal battle stretching over five years, WhatsApp has triumphed over NSO...