Sign-up

ID

VAR-202204-1973


CVE

CVE-2022-20742


TITLE

Cisco Adaptive Security Appliance Software  and  Cisco Firepower Threat Defense Software  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011002

DESCRIPTION

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel. The platform provides features such as highly secure access to data and network resources. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4 This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication

Trust: 1.8

sources: NVD: CVE-2022-20742 // JVNDB: JVNDB-2022-011002 // VULHUB: VHN-405295 // VULMON: CVE-2022-20742

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.15.1.21

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.16.2.14

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:7.0.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.17.1.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.17.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.15.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.4.38

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.15

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.16.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.14.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:eqversion:7.1.0

Trust: 1.0

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-011002 // NVD: CVE-2022-20742

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-20742
value: HIGH

Trust: 1.8

ykramarz@cisco.com: CVE-2022-20742
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202204-4506
value: HIGH

Trust: 0.6

VULHUB: VHN-405295
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2022-20742
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-405295
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 5.2
version: 3.1

Trust: 2.0

NVD: CVE-2022-20742
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405295 // JVNDB: JVNDB-2022-011002 // NVD: CVE-2022-20742 // NVD: CVE-2022-20742 // CNNVD: CNNVD-202204-4506

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-011002 // NVD: CVE-2022-20742

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4506

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-4506

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-20742

PATCH
title:cisco-sa-asaftd-ipsec-mitm-CKnLr4url:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-ipsec-mitm-cknlr4
Trust: 0.8
title:Multiple Cisco Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=191572
Trust: 0.6
title:Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPsec IKEv2 VPN Information Disclosure Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-ipsec-mitm-cknlr4
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-20742 // 
            
            
            
            JVNDB: JVNDB-2022-011002 // 
            
            
            
            CNNVD: CNNVD-202204-4506

EXTERNAL IDS
db:NVDid:CVE-2022-20742
Trust: 3.4
db:JVNDBid:JVNDB-2022-011002
Trust: 0.8
db:AUSCERTid:ESB-2022.1910
Trust: 0.6
db:CS-HELPid:SB2022042739
Trust: 0.6
db:CNNVDid:CNNVD-202204-4506
Trust: 0.6
db:CNVDid:CNVD-2022-44687
Trust: 0.1
db:VULHUBid:VHN-405295
Trust: 0.1
db:VULMONid:CVE-2022-20742
Trust: 0.1
sources:
            
            
            VULHUB: VHN-405295 // 
            
            
            
            VULMON: CVE-2022-20742 // 
            
            
            
            JVNDB: JVNDB-2022-011002 // 
            
            
            
            NVD: CVE-2022-20742 // 
            
            
            
            CNNVD: CNNVD-202204-4506

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-ipsec-mitm-cknlr4
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2022-20742
Trust: 0.8
url:https://www.cybersecurity-help.cz/vdb/sb2022042739
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-asa-information-disclosure-via-ipsec-ikev2-vpn-38166
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.1910
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-20742/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-405295 // 
            
            
            
            VULMON: CVE-2022-20742 // 
            
            
            
            JVNDB: JVNDB-2022-011002 // 
            
            
            
            NVD: CVE-2022-20742 // 
            
            
            
            CNNVD: CNNVD-202204-4506

SOURCES
db:VULHUBid:VHN-405295
db:VULMONid:CVE-2022-20742
db:JVNDBid:JVNDB-2022-011002
db:NVDid:CVE-2022-20742
db:CNNVDid:CNNVD-202204-4506

LAST UPDATE DATE
2023-12-18T12:15:43.009000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-405295date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-011002date:2023-08-18T05:57:00
db:NVDid:CVE-2022-20742date:2023-11-07T03:42:48.900
db:CNNVDid:CNNVD-202204-4506date:2022-05-16T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-405295date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-011002date:2023-08-18T00:00:00
db:NVDid:CVE-2022-20742date:2022-05-03T04:15:09.317
db:CNNVDid:CNNVD-202204-4506date:2022-04-27T00:00:00