ID

VAR-202204-1935


CVE

CVE-2022-20737


TITLE

Cisco Adaptive Security Appliance Software  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011003

DESCRIPTION

A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device or to obtain portions of process memory from an affected device. This vulnerability is due to insufficient bounds checking when parsing specific HTTP authentication messages. An attacker could exploit this vulnerability by sending malicious traffic to an affected device acting as a VPN Gateway. To send this malicious traffic, an attacker would need to control a web server that can be accessed through the Clientless SSL VPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition, or to retrieve bytes from the device process memory that may contain sensitive information. Cisco Adaptive Security Appliance (ASA) Software Exists in an out-of-bounds write vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Cisco Adaptive Security Appliances Software is a set of firewall and network security platform of Cisco (Cisco). The platform provides features such as highly secure access to data and network resources. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-heap-zLX3FdX This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20737 // JVNDB: JVNDB-2022-011003 // VULHUB: VHN-405290 // VULMON: CVE-2022-20737

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.15.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.16.2.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.16.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.17.1.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.17.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.14.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.15.1.21

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.4.38

Trust: 1.0

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope:eqversion:cisco adaptive security appliance software

Trust: 0.8

sources: JVNDB: JVNDB-2022-011003 // NVD: CVE-2022-20737

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20737
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20737
value: HIGH

Trust: 1.0

NVD: CVE-2022-20737
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202204-4512
value: HIGH

Trust: 0.6

VULHUB: VHN-405290
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-20737
severity: HIGH
baseScore: 7.0
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-405290
severity: HIGH
baseScore: 7.0
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20737
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.2
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20737
baseSeverity: HIGH
baseScore: 8.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.1
impactScore: 4.7
version: 3.1

Trust: 1.0

NVD: CVE-2022-20737
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405290 // JVNDB: JVNDB-2022-011003 // CNNVD: CNNVD-202204-4512 // NVD: CVE-2022-20737 // NVD: CVE-2022-20737

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-122

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405290 // JVNDB: JVNDB-2022-011003 // NVD: CVE-2022-20737

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4512

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202204-4512

PATCH

title:cisco-sa-asa-ssl-vpn-heap-zLX3FdXurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-heap-zLX3FdX

Trust: 0.8

title:Cisco Adaptive Security Appliances Software Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192815

Trust: 0.6

title:Cisco: Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asa-ssl-vpn-heap-zLX3FdX

Trust: 0.1

sources: VULMON: CVE-2022-20737 // JVNDB: JVNDB-2022-011003 // CNNVD: CNNVD-202204-4512

EXTERNAL IDS

db:NVDid:CVE-2022-20737

Trust: 3.4

db:JVNDBid:JVNDB-2022-011003

Trust: 0.8

db:CS-HELPid:SB2022042736

Trust: 0.6

db:AUSCERTid:ESB-2022.1908

Trust: 0.6

db:CNNVDid:CNNVD-202204-4512

Trust: 0.6

db:CNVDid:CNVD-2022-43235

Trust: 0.1

db:VULHUBid:VHN-405290

Trust: 0.1

db:VULMONid:CVE-2022-20737

Trust: 0.1

sources: VULHUB: VHN-405290 // VULMON: CVE-2022-20737 // JVNDB: JVNDB-2022-011003 // CNNVD: CNNVD-202204-4512 // NVD: CVE-2022-20737

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-ssl-vpn-heap-zlx3fdx

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20737

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-20737/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042736

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1908

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-out-of-bounds-memory-reading-via-clientless-ssl-vpn-portal-38169

Trust: 0.6

sources: VULHUB: VHN-405290 // VULMON: CVE-2022-20737 // JVNDB: JVNDB-2022-011003 // CNNVD: CNNVD-202204-4512 // NVD: CVE-2022-20737

SOURCES

db:VULHUBid:VHN-405290
db:VULMONid:CVE-2022-20737
db:JVNDBid:JVNDB-2022-011003
db:CNNVDid:CNNVD-202204-4512
db:NVDid:CVE-2022-20737

LAST UPDATE DATE

2024-08-14T15:01:03.761000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405290date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-011003date:2023-08-18T05:59:00
db:CNNVDid:CNNVD-202204-4512date:2022-05-16T00:00:00
db:NVDid:CVE-2022-20737date:2023-11-07T03:42:47.987

SOURCES RELEASE DATE

db:VULHUBid:VHN-405290date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-011003date:2023-08-18T00:00:00
db:CNNVDid:CNNVD-202204-4512date:2022-04-27T00:00:00
db:NVDid:CVE-2022-20737date:2022-05-03T04:15:09.183