ID

VAR-202204-1722


CVE

CVE-2022-20713


TITLE

Cisco Adaptive Security Appliance  Cross-site scripting vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2022-016222

DESCRIPTION

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to the VPN web client services component before being returned to the browser that is in use. An attacker could exploit this vulnerability by persuading a user to visit a website that is designed to pass malicious requests to a device that is running Cisco ASA Software or Cisco FTD Software and has web services endpoints supporting VPN features enabled. A successful exploit could allow the attacker to reflect malicious input from the affected device to the browser that is in use and conduct browser-based attacks, including cross-site scripting attacks. The attacker could not directly impact the affected device. Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an malicious user to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdb-cmicr-dos-KJjFtNb

Trust: 1.8

sources: NVD: CVE-2022-20713 // JVNDB: JVNDB-2022-016222 // VULHUB: VHN-405266 // VULMON: CVE-2022-20713

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.18

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.0.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.17

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.8

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.7.0.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.1.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.45

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.3.14

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.16

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.18.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.16

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.2.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.13

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.11

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.2.11

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.16

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.3.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.50

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.17

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.35

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.40

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.21

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.32

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.2.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.2.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.6

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.5.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.11

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.29

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.41

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.44

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.5

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.3.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.48

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.37

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.7.0.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.20

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.2.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.2.5

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.40

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.2.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.2.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.4.9

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.6

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.1.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.3.9

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.35

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.41

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.22

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.20

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.24

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.54

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.1.28

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.7.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.26

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.1.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.0.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.52

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.1.6

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.1.0.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.34

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.17

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.3.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.29

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.47

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.3.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.35

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.3.23

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.3.19

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.2.8

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.12

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.19.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.3.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3.9

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.24

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3.11

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.3.1.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.8

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.11

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.1.0.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.1.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.33

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.13

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.2.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.2.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.39

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.3.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3.15

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.1.0.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.16

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.26

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.33

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.7.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.26

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.7.0.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.28

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.15

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.17

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.14

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.1.19

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.3.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.29

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.18.2.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.21

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.1.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.18.1.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.18.2.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.9

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.4.6

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.1.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.26

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.25

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.2.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.38

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.20

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.1.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3.18

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.1.30

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.2.0.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.43

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3.18

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.18

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.39

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2.38

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.18.2.5

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.46

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.9

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.2.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.18.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.15.1.17

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.17.1.11

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.14.3.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.55

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.16.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.1.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.4.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:6.6.5.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.12.4.30

Trust: 1.0

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope:eqversion:cisco adaptive security appliance software

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-016222 // NVD: CVE-2022-20713

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20713
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20713
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20713
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202208-2739
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-20713
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20713
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2022-20713
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-016222 // CNNVD: CNNVD-202208-2739 // NVD: CVE-2022-20713 // NVD: CVE-2022-20713

PROBLEMTYPE DATA

problemtype:CWE-444

Trust: 1.1

problemtype:CWE-79

Trust: 1.0

problemtype:Cross-site scripting (CWE-79) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405266 // JVNDB: JVNDB-2022-016222 // NVD: CVE-2022-20713

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202208-2739

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-202208-2739

PATCH

title:cisco-sa-asa-webvpn-LOeKsNmOurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-LOeKsNmO

Trust: 0.8

title:Cisco Adaptive Security Appliances Software Fixes for cross-site scripting vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=247286

Trust: 0.6

title:Cisco: Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-cdb-cmicr-vulns-KJjFtNb

Trust: 0.1

sources: VULMON: CVE-2022-20713 // JVNDB: JVNDB-2022-016222 // CNNVD: CNNVD-202208-2739

EXTERNAL IDS

db:NVDid:CVE-2022-20713

Trust: 3.4

db:JVNDBid:JVNDB-2022-016222

Trust: 0.8

db:AUSCERTid:ESB-2022.3979.4

Trust: 0.6

db:AUSCERTid:ESB-2022.3979

Trust: 0.6

db:CNNVDid:CNNVD-202208-2739

Trust: 0.6

db:VULHUBid:VHN-405266

Trust: 0.1

db:VULMONid:CVE-2022-20713

Trust: 0.1

sources: VULHUB: VHN-405266 // VULMON: CVE-2022-20713 // JVNDB: JVNDB-2022-016222 // CNNVD: CNNVD-202208-2739 // NVD: CVE-2022-20713

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-webvpn-loeksnmo

Trust: 1.3

url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-webvpn-loeksnmo

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2022-20713

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-20713/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3979

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-header-injection-via-clientless-ssl-vpn-39044

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3979.4

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cdb-cmicr-vulns-kjjftnb

Trust: 0.1

sources: VULHUB: VHN-405266 // VULMON: CVE-2022-20713 // JVNDB: JVNDB-2022-016222 // CNNVD: CNNVD-202208-2739 // NVD: CVE-2022-20713

SOURCES

db:VULHUBid:VHN-405266
db:VULMONid:CVE-2022-20713
db:JVNDBid:JVNDB-2022-016222
db:CNNVDid:CNNVD-202208-2739
db:NVDid:CVE-2022-20713

LAST UPDATE DATE

2024-08-14T13:22:23.409000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405266date:2022-08-12T00:00:00
db:JVNDBid:JVNDB-2022-016222date:2023-10-03T05:09:00
db:CNNVDid:CNNVD-202208-2739date:2023-07-25T00:00:00
db:NVDid:CVE-2022-20713date:2024-02-16T17:06:01.590

SOURCES RELEASE DATE

db:VULHUBid:VHN-405266date:2022-08-10T00:00:00
db:JVNDBid:JVNDB-2022-016222date:2023-10-03T00:00:00
db:CNNVDid:CNNVD-202208-2739date:2022-08-10T00:00:00
db:NVDid:CVE-2022-20713date:2022-08-10T17:15:08.423