{ "id": "CVE-2022-20927", "sourceIdentifier": "ykramarz@cisco.com", "published": "2022-11-15T21:15:32.607", "lastModified": "2023-08-15T18:20:10.327", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 }, { "source": "ykramarz@cisco.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.1, "impactScore": 4.0 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C39F7F9-48DD-4B6C-84C5-011AA4276005" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7FD7445F-F352-416E-AB5A-F225F2A38690" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "A829317B-1394-40EC-A519-1C1EB0517A4D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "A8568BFB-83EC-4F4C-B931-B4CCA5F98BDE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "182203D1-EA05-47BB-8682-9B4506DE97A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "6051A7BC-B6EB-4BB4-B545-1769EFD6A60F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "8604A862-5D06-414D-BAAE-BAFD03955834" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "DBEFEAD5-1C7B-4596-B1D2-6AAD04892327" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "13D66C4F-F7C3-4470-9767-25C43524DBDC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "8E8680F4-C1D0-4AE5-9B53-9ED595833D1B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "DD2E8FF2-D9AB-4F86-94D7-79F080EE84E9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "3658FDC4-FC57-4281-9376-F66B0CC85826" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "F74FA696-5B57-4D1B-9068-069C8A605C70" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C4E5D009-238D-45E0-8D7B-2FCB3406C13A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "57AC67A3-F768-43C4-8513-0AF4BA12A3F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "C849F77C-B56F-4F3E-9E18-AD701FCBB742" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "E8B31A9B-5303-4B84-A2F9-4E4951CB570F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "441DB30E-9CFB-4F70-A7F7-DC5CEAE7C982" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "95BC9BBB-006C-43E5-AC51-C707B4F7749F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "BA0F6E81-B467-4C33-9DF8-F321F8555D83" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "8409F18B-D199-4CEF-9BA7-40BE6BA97D7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "0BA33DFE-58E3-4334-8DFA-F8B2691724D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "B6E6D720-91E2-447F-A23A-60719AC707EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.18:*:*:*:*:*:*:*", "matchCriteriaId": "2243D639-F4F0-4D75-AB62-023C9FE5130B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9601F69-E591-487E-BBBC-06E9C66B5811" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E5965E70-FE82-4038-9690-18831CBA9EEF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "BCF5C1E7-EC01-49EB-90D6-9179E17FBF4F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "F73EA1D9-0739-4E82-9EF3-16AA72000B92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "A3D3F67B-32DC-45BB-9AF1-04A873E4F966" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "3D19F2D6-5AE3-4E39-99E8-07DA50AED3F5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "DD29815E-8B50-44E2-96AB-58D353700D72" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "1375D7A6-6645-4C0A-A527-11F5714A8B5E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "23C82327-5362-4876-8058-EB51030CD5DD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*", "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5.0", "versionEndIncluding": "6.5.0.5", "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.0", "versionEndIncluding": "6.7.0.3", "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4C5EF69-498C-4433-8B86-91EB343C3F63" } ] } ] } ], "references": [ { "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA", "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ] } ] }