=====================================================================

                                CERT-Renater

                      Note d'Information No. 2021/VULN083
_____________________________________________________________________

DATE                : 17/02/2022

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Email Security Appliance
                                       software,
                             Cisco Prime Infrastructure ,
                       Cisco Evolved Programmable Network Manager,
                          Cisco RCM for Cisco StarOS Software.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-MxZvGtgU
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-P8fBz2FW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-P8fBz2FW
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco PSIRT 
on 2022-February-16.

The following PSIRT security advisories (1 High, 2 Medium) were 
published at 16:00 UTC today.

Table of Contents:

1) Cisco Email Security Appliance DNS Verification Denial of Service 
Vulnerability - SIR: High

2) Cisco Prime Infrastructure and Evolved Programmable Network Manager 
    Cross-Site Scripting
Vulnerability - SIR: Medium

3) Cisco Redundancy Configuration Manager for Cisco StarOS Software
      TCP Denial of Service Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco Email Security Appliance DNS Verification Denial of Service 
Vulnerability

CVE-2022-20653

SIR: High

CVSS Score v(3.1): 7.5

URL: 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-MxZvGtgU 
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-MxZvGtgU"]

+--------------------------------------------------------------------

2) Cisco Prime Infrastructure and Evolved Programmable Network Manager 
Cross-Site Scripting Vulnerability

CVE-2022-20659

SIR: Medium

CVSS Score v(3.1): 6.1

URL: 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-P8fBz2FW 
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-xss-P8fBz2FW"]

+--------------------------------------------------------------------

3) Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP 
Denial of Service Vulnerability

CVE-2022-20750

SIR: Medium

CVSS Score v(3.1): 5.3

URL: 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rcm-tcp-dos-2Wh8XjAQ 
["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rcm-tcp-dos-2Wh8XjAQ"]


=========================================================
+ CERT-RENATER         |    tel : 01-53-94-20-44        +
+ 23/25 Rue Daviel     |    fax : 01-53-94-20-41        +
+ 75013 Paris          |   email:cert@support.renater.fr+
=========================================================