{ "id": "CVE-2022-20854", "sourceIdentifier": "ykramarz@cisco.com", "published": "2022-11-15T21:15:27.867", "lastModified": "2023-11-07T03:43:07.750", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 }, { "source": "d1c1063e-7a18-46af-9102-31f8928bc633", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-755" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.0", "versionEndIncluding": "6.1.0.7", "matchCriteriaId": "9AF743FF-E805-474C-B50B-92BD4C7AA0D4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.0", "versionEndIncluding": "6.2.0.6", "matchCriteriaId": "B5E4CB53-CEC2-4BE8-96E1-A2C7631E529E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.2", "versionEndIncluding": "6.2.2.5", "matchCriteriaId": "89269AE2-3D68-493A-B50A-03D42FB35D67" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.3", "versionEndIncluding": "6.2.3.18", "matchCriteriaId": "B6BF3D02-3BA0-4736-B78D-3634E3E91623" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3.0", "versionEndIncluding": "6.3.0.5", "matchCriteriaId": "0AD39938-77FE-4CC2-A8FF-96EB92B70FC2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.0", "versionEndIncluding": "6.4.0.15", "matchCriteriaId": "5A2C5E53-F923-4582-8C44-54FDDC4BBF02" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5.0", "versionEndIncluding": "6.5.0.5", "matchCriteriaId": "3270D8B1-70B7-42B0-991E-0C14F1C3DDE9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.0", "versionEndIncluding": "6.7.0.3", "matchCriteriaId": "79C97BD3-D82A-493B-BCBB-9909ED80D084" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1895BC03-A0B4-4AE8-8EB5-DAFC913E4B2B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "30AE7CB7-86F5-4B80-9179-1C2DF4E8E7B5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1931C431-3452-4FE1-870A-16700553BDAE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "490C91AC-9437-43DA-99AF-0DF8A0E5EEB5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "22913221-9B69-451A-8442-C65091DFAFD2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "1488A64D-E0ED-4E88-92E9-D8E38A2CB080" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "9FF58049-7F1B-425B-A2A7-5974080625F3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4DA72515-66E1-4811-ADDA-B2F9B6A4B737" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "606C631F-5A30-4A07-A761-29B31D09C66A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0FEE4092-0EAD-48DA-92EB-82DD4EB43E49" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B8DF2E2-848A-4616-AEF0-1EFE68A900C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "387E34BD-913B-4CB7-9230-81B283E92A9B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFE8B3DC-9865-4845-B989-FB41D6FE085E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BC98B2C9-2F78-4DB5-97D7-78D584CEBE87" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "44CEED06-6E18-4961-BD69-8BF3E7A6D59C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D815D562-D60A-4AD1-9243-8167B244882E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_management_center:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "FA91AC4A-77D5-4C41-BD63-4E8F3BA4FF84" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.0", "versionEndIncluding": "6.1.0.7", "matchCriteriaId": "64116F5B-671C-46DB-A78D-AB14AAF946FD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.0", "versionEndIncluding": "6.2.0.6", "matchCriteriaId": "DD237542-FED6-4013-AD9F-18891954FE05" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.2", "versionEndIncluding": "6.2.2.5", "matchCriteriaId": "1F74A25A-601D-470D-BA43-EA68ADD266C6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.3", "versionEndIncluding": "6.2.3.18", "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3.0", "versionEndIncluding": "6.3.0.5", "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.0", "versionEndIncluding": "6.4.0.15", "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5.0", "versionEndIncluding": "6.5.0.5", "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.0", "versionEndIncluding": "6.7.0.3", "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4" } ] } ] } ], "references": [ { "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }