Rewterz Threat Advisory – CVE-2023-20075 – Cisco Email Security Appliance Vulnerability

February 16, 2023

Rewterz Threat Advisory – CVE-2022-42735 – Apache ShenYu Vulnerability

February 16, 2023

Rewterz Threat Advisory – CVE-2023-20009 – Cisco ESA and Secure Email and Web Manager Vulnerability

February 16, 2023

Severity

Medium

Analysis Summary

CVE-2023-20009

Cisco ESA and Secure Email and Web Manager could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper validation of an uploaded Simple Network Management Protocol (SNMP) configuration file. By uploading a specially-crafted configuration file, an <authenticated> attacker could exploit this vulnerability to execute arbitrary commands as root.

Impact

Privilege Escalation

Indicators Of Compromise

CVE

CVE-2023-20009

Affected Vendors

Cisco

Affected Products

Cisco Email Security Appliance (ESA)
Cisco Secure Email and Web Manager

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-6554 – Google Chrome Vulnerability

Multiple D-Link Products Vulnerabilities

Multiple GitLab Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2023-20075 – Cisco Email Security Appliance Vulnerability

Rewterz Threat Advisory – CVE-2022-42735 – Apache ShenYu Vulnerability