Sign-up

ID

VAR-202204-1935


CVE

CVE-2022-20737


TITLE

Cisco Adaptive Security Appliance Software  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011003

DESCRIPTION

A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device or to obtain portions of process memory from an affected device. This vulnerability is due to insufficient bounds checking when parsing specific HTTP authentication messages. An attacker could exploit this vulnerability by sending malicious traffic to an affected device acting as a VPN Gateway. To send this malicious traffic, an attacker would need to control a web server that can be accessed through the Clientless SSL VPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition, or to retrieve bytes from the device process memory that may contain sensitive information. Cisco Adaptive Security Appliance (ASA) Software Exists in an out-of-bounds write vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Cisco Adaptive Security Appliances Software is a set of firewall and network security platform of Cisco (Cisco). The platform provides features such as highly secure access to data and network resources. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-heap-zLX3FdX This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20737 // JVNDB: JVNDB-2022-011003 // VULHUB: VHN-405290 // VULMON: CVE-2022-20737

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.15.1.21

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.16.2.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.17.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.15.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.4.38

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.16.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.14.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.17.1.7

Trust: 1.0

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope:eqversion:cisco adaptive security appliance software

Trust: 0.8

sources: JVNDB: JVNDB-2022-011003 // NVD: CVE-2022-20737

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-20737
value: HIGH

Trust: 1.8

ykramarz@cisco.com: CVE-2022-20737
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202204-4512
value: HIGH

Trust: 0.6

VULHUB: VHN-405290
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 7.0
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 7.8
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2022-20737
severity: HIGH
baseScore: 7.0
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-405290
severity: HIGH
baseScore: 7.0
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.2
version: 3.1

Trust: 1.0

ykramarz@cisco.com:
baseSeverity: HIGH
baseScore: 8.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.1
impactScore: 4.7
version: 3.1

Trust: 1.0

NVD: CVE-2022-20737
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405290 // JVNDB: JVNDB-2022-011003 // NVD: CVE-2022-20737 // NVD: CVE-2022-20737 // CNNVD: CNNVD-202204-4512

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405290 // JVNDB: JVNDB-2022-011003 // NVD: CVE-2022-20737

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4512

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202204-4512

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-20737

PATCH
title:cisco-sa-asa-ssl-vpn-heap-zLX3FdXurl:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-ssl-vpn-heap-zlx3fdx
Trust: 0.8
title:Cisco Adaptive Security Appliances Software Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=192815
Trust: 0.6
title:Cisco: Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asa-ssl-vpn-heap-zlx3fdx
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-20737 // 
            
            
            
            JVNDB: JVNDB-2022-011003 // 
            
            
            
            CNNVD: CNNVD-202204-4512

EXTERNAL IDS
db:NVDid:CVE-2022-20737
Trust: 3.4
db:JVNDBid:JVNDB-2022-011003
Trust: 0.8
db:CS-HELPid:SB2022042736
Trust: 0.6
db:AUSCERTid:ESB-2022.1908
Trust: 0.6
db:CNNVDid:CNNVD-202204-4512
Trust: 0.6
db:CNVDid:CNVD-2022-43235
Trust: 0.1
db:VULHUBid:VHN-405290
Trust: 0.1
db:VULMONid:CVE-2022-20737
Trust: 0.1
sources:
            
            
            VULHUB: VHN-405290 // 
            
            
            
            VULMON: CVE-2022-20737 // 
            
            
            
            JVNDB: JVNDB-2022-011003 // 
            
            
            
            NVD: CVE-2022-20737 // 
            
            
            
            CNNVD: CNNVD-202204-4512

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-ssl-vpn-heap-zlx3fdx
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2022-20737
Trust: 0.8
url:https://cxsecurity.com/cveshow/cve-2022-20737/
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2022042736
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.1908
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-asa-out-of-bounds-memory-reading-via-clientless-ssl-vpn-portal-38169
Trust: 0.6
sources:
            
            
            VULHUB: VHN-405290 // 
            
            
            
            VULMON: CVE-2022-20737 // 
            
            
            
            JVNDB: JVNDB-2022-011003 // 
            
            
            
            NVD: CVE-2022-20737 // 
            
            
            
            CNNVD: CNNVD-202204-4512

SOURCES
db:VULHUBid:VHN-405290
db:VULMONid:CVE-2022-20737
db:JVNDBid:JVNDB-2022-011003
db:NVDid:CVE-2022-20737
db:CNNVDid:CNNVD-202204-4512

LAST UPDATE DATE
2023-12-18T12:34:30.430000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-405290date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-011003date:2023-08-18T05:59:00
db:NVDid:CVE-2022-20737date:2023-11-07T03:42:47.987
db:CNNVDid:CNNVD-202204-4512date:2022-05-16T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-405290date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-011003date:2023-08-18T00:00:00
db:NVDid:CVE-2022-20737date:2022-05-03T04:15:09.183
db:CNNVDid:CNNVD-202204-4512date:2022-04-27T00:00:00