Cisco has released a High-risk security advisory for an Email Security Appliance DNS Verification Denial of Service (DoS) vulnerability, as well as advisories for several other vulnerabilities in Nexus switches and NX-OS software.
An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.
The update on February 25, 2022, addresses the DoS vulnerability CVE-2022-20653 (CVSS Base score 7.5), which is caused by insufficient error handling in DNS name resolution by the affected Email Security Appliance software.
“A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device,” Cisco stated in the advisory.
Cisco also fixed multiple other High-severity vulnerabilities on February 23, 2022: