admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-209xx/CVE-2022-20927.json
cad-safe-bot 6f4cc5b100 Auto-Update: 2023-08-15T20:00:34.868319+00:00
2023-08-15 20:00:38 +00:00

335 lines
13 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-20927",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2022-11-15T21:15:32.607",
"lastModified": "2023-08-15T18:20:10.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C39F7F9-48DD-4B6C-84C5-011AA4276005"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FD7445F-F352-416E-AB5A-F225F2A38690"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A829317B-1394-40EC-A519-1C1EB0517A4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A8568BFB-83EC-4F4C-B931-B4CCA5F98BDE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "182203D1-EA05-47BB-8682-9B4506DE97A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6051A7BC-B6EB-4BB4-B545-1769EFD6A60F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "8604A862-5D06-414D-BAAE-BAFD03955834"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.13.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEFEAD5-1C7B-4596-B1D2-6AAD04892327"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13D66C4F-F7C3-4470-9767-25C43524DBDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8680F4-C1D0-4AE5-9B53-9ED595833D1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2E8FF2-D9AB-4F86-94D7-79F080EE84E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3658FDC4-FC57-4281-9376-F66B0CC85826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F74FA696-5B57-4D1B-9068-069C8A605C70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E5D009-238D-45E0-8D7B-2FCB3406C13A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "57AC67A3-F768-43C4-8513-0AF4BA12A3F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C849F77C-B56F-4F3E-9E18-AD701FCBB742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B31A9B-5303-4B84-A2F9-4E4951CB570F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "441DB30E-9CFB-4F70-A7F7-DC5CEAE7C982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95BC9BBB-006C-43E5-AC51-C707B4F7749F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BA0F6E81-B467-4C33-9DF8-F321F8555D83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8409F18B-D199-4CEF-9BA7-40BE6BA97D7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA33DFE-58E3-4334-8DFA-F8B2691724D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E6D720-91E2-447F-A23A-60719AC707EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.14.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "2243D639-F4F0-4D75-AB62-023C9FE5130B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9601F69-E591-487E-BBBC-06E9C66B5811"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5965E70-FE82-4038-9690-18831CBA9EEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BCF5C1E7-EC01-49EB-90D6-9179E17FBF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F73EA1D9-0739-4E82-9EF3-16AA72000B92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D3F67B-32DC-45BB-9AF1-04A873E4F966"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3D19F2D6-5AE3-4E39-99E8-07DA50AED3F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DD29815E-8B50-44E2-96AB-58D353700D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:9.15.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "1375D7A6-6645-4C0A-A527-11F5714A8B5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.13.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "23C82327-5362-4876-8058-EB51030CD5DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5.0",
"versionEndIncluding": "6.5.0.5",
"matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.0",
"versionEndIncluding": "6.7.0.3",
"matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:firepower_services_software_for_asa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C5EF69-498C-4433-8B86-91EB343C3F63"
}
]
}
]
}
],
"references": [
{
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-client-dos-cCrQPkA",
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink