CVE-2022-20805— Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-20805
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption function uses the TLS Sever Name Indication (SNI) extension of an HTTP request to discover the destination domain and determine if the request needs to be decrypted. An attacker could exploit this vulnerability by sending a crafted request over TLS from a client to an unknown or controlled URL. A successful exploit could allow an attacker to bypass the decryption process of Cisco Umbrella SWG and allow malicious content to be downloaded to a host on a protected network. There are workarounds that address this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
保护机制失效
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Umbrella 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Umbrella是美国思科(Cisco)公司的一套云安全平台。该平台能够预防网络钓鱼、恶意软件和勒索软件等网络威胁。 Cisco Umbrella Secure Web Gateway (SWG) 中存在安全漏洞,攻击者可以通过从客户端通过 TLS 向未知或受控 URL 发送精心设计的请求来绕过 Cisco Umbrella SWG 的解密过程,并允许将恶意内容下载到受保护网络上的主机。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Umbrella Insights Virtual Appliance | n/a | - |
II. Public POCs for CVE-2022-20805
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-20805
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uswg-fdbps-xtTRKpp6vendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2022-20805
Same Patch Batch · Cisco · 2022-04-21 · 12 CVEs total
| CVE-2022-20732 | 7.8 HIGH | Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability |
| CVE-2022-20783 | 7.5 HIGH | Cisco TelePresence Collaboration Endpoint and RoomOS Software H.323 Denial of Service Vuln |
| CVE-2022-20773 | 7.5 HIGH | Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability |
| CVE-2022-20790 | 6.5 MEDIUM | Cisco Unified Communications Products Arbitrary File Read Vulnerability |
| CVE-2022-20778 | 6.1 MEDIUM | Cisco Webex Meetings Cross-Site Scripting Vulnerability |
| CVE-2022-20788 | 6.1 MEDIUM | Cisco Unified Communications Products Cross-Site Scripting Vulnerability |
| CVE-2022-20795 | 5.8 MEDIUM | Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect S |
| CVE-2022-20787 | 5.7 MEDIUM | Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability |
| CVE-2022-20786 | 5.4 MEDIUM | Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerability |
| CVE-2022-20804 | 5.3 MEDIUM | Cisco Unified Communications Products Denial of Service Vulnerability |
| CVE-2022-20789 | 4.9 MEDIUM | Cisco Unified Communications Products Arbitrary File Write Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco Umbrella Insights Virtual Appliance
- CVE-2022-20773
Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnera - CVE-2022-20738
Cisco Umbrella Secure Web Gateway File Inspection Bypass Vul - CVE-2021-40126
Cisco Umbrella Email Enumeration Vulnerability - CVE-2021-1475
Cisco Umbrella Link and CSV Formula Injection Vulnerabilitie - CVE-2021-1474
Cisco Umbrella Link and CSV Formula Injection Vulnerabilitie
Same vendor: Cisco
- CVE-2026-20224
Cisco Catalyst SD-WAN Manager XML External Entity Injection - CVE-2026-20210
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerabi - CVE-2026-20209
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerabi - CVE-2026-20182
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulne - CVE-2026-20219
Cisco Slido 安全漏洞
V. Comments for CVE-2022-20805
No comments yet