ID

VAR-202204-1973


CVE

CVE-2022-20742


TITLE

Cisco Adaptive Security Appliance Software  and  Cisco Firepower Threat Defense Software  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011002

DESCRIPTION

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel. The platform provides features such as highly secure access to data and network resources. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4 This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication

Trust: 1.8

sources: NVD: CVE-2022-20742 // JVNDB: JVNDB-2022-011002 // VULHUB: VHN-405295 // VULMON: CVE-2022-20742

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:gteversion:7.0.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.15.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.16.2.14

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.16.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.1.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.17.1.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.17.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.14.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.15.1.21

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.4.38

Trust: 1.0

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-011002 // NVD: CVE-2022-20742

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20742
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20742
value: HIGH

Trust: 1.0

NVD: CVE-2022-20742
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202204-4506
value: HIGH

Trust: 0.6

VULHUB: VHN-405295
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-20742
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-405295
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20742
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 5.2
version: 3.1

Trust: 2.0

NVD: CVE-2022-20742
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405295 // JVNDB: JVNDB-2022-011002 // CNNVD: CNNVD-202204-4506 // NVD: CVE-2022-20742 // NVD: CVE-2022-20742

PROBLEMTYPE DATA

problemtype:CWE-325

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-011002 // NVD: CVE-2022-20742

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4506

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-4506

PATCH

title:cisco-sa-asaftd-ipsec-mitm-CKnLr4url:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4

Trust: 0.8

title:Multiple Cisco Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=191572

Trust: 0.6

title:Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-ipsec-mitm-CKnLr4

Trust: 0.1

sources: VULMON: CVE-2022-20742 // JVNDB: JVNDB-2022-011002 // CNNVD: CNNVD-202204-4506

EXTERNAL IDS

db:NVDid:CVE-2022-20742

Trust: 3.4

db:JVNDBid:JVNDB-2022-011002

Trust: 0.8

db:AUSCERTid:ESB-2022.1910

Trust: 0.6

db:CS-HELPid:SB2022042739

Trust: 0.6

db:CNNVDid:CNNVD-202204-4506

Trust: 0.6

db:CNVDid:CNVD-2022-44687

Trust: 0.1

db:VULHUBid:VHN-405295

Trust: 0.1

db:VULMONid:CVE-2022-20742

Trust: 0.1

sources: VULHUB: VHN-405295 // VULMON: CVE-2022-20742 // JVNDB: JVNDB-2022-011002 // CNNVD: CNNVD-202204-4506 // NVD: CVE-2022-20742

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-ipsec-mitm-cknlr4

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20742

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022042739

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-information-disclosure-via-ipsec-ikev2-vpn-38166

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1910

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20742/

Trust: 0.6

sources: VULHUB: VHN-405295 // VULMON: CVE-2022-20742 // JVNDB: JVNDB-2022-011002 // CNNVD: CNNVD-202204-4506 // NVD: CVE-2022-20742

SOURCES

db:VULHUBid:VHN-405295
db:VULMONid:CVE-2022-20742
db:JVNDBid:JVNDB-2022-011002
db:CNNVDid:CNNVD-202204-4506
db:NVDid:CVE-2022-20742

LAST UPDATE DATE

2024-08-14T13:22:23.047000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405295date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-011002date:2023-08-18T05:57:00
db:CNNVDid:CNNVD-202204-4506date:2022-05-16T00:00:00
db:NVDid:CVE-2022-20742date:2023-11-07T03:42:48.900

SOURCES RELEASE DATE

db:VULHUBid:VHN-405295date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-011002date:2023-08-18T00:00:00
db:CNNVDid:CNNVD-202204-4506date:2022-04-27T00:00:00
db:NVDid:CVE-2022-20742date:2022-05-03T04:15:09.317