{ "id": "CVE-2022-20924", "sourceIdentifier": "psirt@cisco.com", "published": "2022-11-15T21:15:31.730", "lastModified": "2024-11-21T06:43:50.043", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition." }, { "lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n del Protocolo Simple de Administraci\u00f3n de Red (SNMP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado provoque una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud SNMP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado entre en bucle de carga, lo que resultar\u00eda en una condici\u00f3n DoS." } ], "metrics": { "cvssMetricV31": [ { "source": "psirt@cisco.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "baseScore": 7.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.1, "impactScore": 4.0 }, { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "psirt@cisco.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-703" } ] }, { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*", "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*", "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*", "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD" } ] } ] } ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x", "source": "psirt@cisco.com" }, { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }