{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T20:51:09.174","vulnerabilities":[{"cve":{"id":"CVE-2022-20675","sourceIdentifier":"psirt@cisco.com","published":"2022-04-06T19:15:08.007","lastModified":"2024-11-21T06:43:17.637","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition."},{"lang":"es","value":"Una vulnerabilidad en la pila TCP/IP de Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA) y Cisco Secure Email and Web Manager, anteriormente Security Management Appliance, podría permitir a un atacante remoto no autenticado bloquear el Servicio del Protocolo Simple de Administrador de Redes (SNMP), resultando en una situación de denegación de servicio (DoS). Esta vulnerabilidad es debido a una escucha de puerto abierta en el puerto TCP 199. Un atacante podría explotar esta vulnerabilidad al conectarse al puerto TCP 199. Una explotación con éxito podría permitir al atacante bloquear el servicio SNMP, resultando en una condición de DoS"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.02.0-020","matchCriteriaId":"1B09056C-2EA0-42EC-BB1E-5CC21004BBA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:email_security_appliance:-:*:*:*:*:*:*:*","matchCriteriaId":"C3DD0BAE-272E-4B9F-8F3B-B6091DEA5E33"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndExcluding":"14.1.0-239","matchCriteriaId":"6C660070-35AF-4D48-A90D-E3BFFE161503"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:secure_email_and_web_manager:-:*:*:*:*:*:*:*","matchCriteriaId":"DB4207E0-A5C1-4945-B996-722933148C37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"14.0.2-012","matchCriteriaId":"FBEE74B8-1D30-4A2C-B720-7E61CA134C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:*","matchCriteriaId":"8F24CCD0-DFAB-44D9-B29A-A6D925A83C93"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-SNMP-JLAJksWK","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ESA-SNMP-JLAJksWK","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}