{ "id": "CVE-2022-20924", "sourceIdentifier": "ykramarz@cisco.com", "published": "2022-11-15T21:15:31.730", "lastModified": "2023-08-15T18:20:10.327", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 }, { "source": "ykramarz@cisco.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.1, "impactScore": 4.0 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "13D66C4F-F7C3-4470-9767-25C43524DBDC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "4E7B0C76-9BFC-4744-BAEF-A1C3B65D3E6E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "8E8680F4-C1D0-4AE5-9B53-9ED595833D1B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "DD2E8FF2-D9AB-4F86-94D7-79F080EE84E9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "3658FDC4-FC57-4281-9376-F66B0CC85826" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "F74FA696-5B57-4D1B-9068-069C8A605C70" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C4E5D009-238D-45E0-8D7B-2FCB3406C13A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "57AC67A3-F768-43C4-8513-0AF4BA12A3F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "C849F77C-B56F-4F3E-9E18-AD701FCBB742" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "E8B31A9B-5303-4B84-A2F9-4E4951CB570F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "441DB30E-9CFB-4F70-A7F7-DC5CEAE7C982" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "95BC9BBB-006C-43E5-AC51-C707B4F7749F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "BA0F6E81-B467-4C33-9DF8-F321F8555D83" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "8409F18B-D199-4CEF-9BA7-40BE6BA97D7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "0BA33DFE-58E3-4334-8DFA-F8B2691724D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "B6E6D720-91E2-447F-A23A-60719AC707EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.18:*:*:*:*:*:*:*", "matchCriteriaId": "2243D639-F4F0-4D75-AB62-023C9FE5130B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "7E5FA0FF-8A30-46ED-9AA3-B10BC0DC2483" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "914A3718-09FC-41D2-A8AA-E326DA527DE6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "7A64F9EF-5D40-4674-A3B6-E2C844375583" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "F8E41388-8BA1-478B-BA58-3D99D869EC9E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9601F69-E591-487E-BBBC-06E9C66B5811" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E5965E70-FE82-4038-9690-18831CBA9EEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "BCF5C1E7-EC01-49EB-90D6-9179E17FBF4F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "F73EA1D9-0739-4E82-9EF3-16AA72000B92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "A3D3F67B-32DC-45BB-9AF1-04A873E4F966" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "3D19F2D6-5AE3-4E39-99E8-07DA50AED3F5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "DD29815E-8B50-44E2-96AB-58D353700D72" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "1375D7A6-6645-4C0A-A527-11F5714A8B5E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.16.3:*:*:*:*:*:*:*", "matchCriteriaId": "451202D7-C73B-441F-851C-2D7B02E5AA8A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.16.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "1D17058F-54D1-4340-B3F9-11BD3482992C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.16.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "EC0C6D27-ACEA-4FF6-B863-71D33C66368D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4F7F85C-1377-4715-A6EC-673359E05A1D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "08B3EAB4-F902-4B13-AC37-3255FDCB03EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "A05DDEE4-2D5E-4A1A-96AC-0C838E3E11EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "B975CDD2-DED7-4073-9384-DFBF141810A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "1BCBC90E-B03D-493A-A478-C81B8A8E2B32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "8A1E4FC5-ECFC-465C-99A4-D3709C95DC0D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.17.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "CBAD6EDA-4986-42C6-992C-16B9B4944F54" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "9E80230C-EF78-4E7E-80C2-2746E3968EB2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*", "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD" } ] } ] } ], "references": [ { "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x", "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ] } ] }