CVE-2022-20738: Cisco Security Advisory: Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability

There are no workarounds that address this vulnerability. However, the following mitigations can be used to reduce the scope of this vulnerability:

Option 1: Enable file type control using the Web Policy rulesets.

1. Choose Policies > Management > Web Policy.
2. Click Add or expand an existing ruleset.
3. Under Ruleset Settings, for File Type Control, click Edit.
4. Select the Executables file type.
5. Click Save.

For more information, see Enable File Type Control.

Option 2: Add web security settings to block access to sites that could potentially host malicious content.

1. Choose Policies > Policy Components > Security Settings.
2. Click Add.
3. Choose Web Policies from the This Security List is Applied To drop-down list.
4. Select Malware, Command Control Callbacks, Phishing Attacks.
5. Click Save.

This new web security setting can now be added as a ruleset to the Web Policy. For more information, see Add a Web Security Setting.

While these mitigations have been deployed and were proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.