ID

VAR-202204-2008


CVE

CVE-2022-20730


TITLE

Cisco Firepower Threat Defense Software vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-010593

DESCRIPTION

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device. Cisco Firepower Threat Defense (FTD) Software contains unspecified vulnerabilities. Information may be tampered with. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Trust: 1.8

sources: NVD: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // VULHUB: VHN-405283 // VULMON: CVE-2022-20730

AFFECTED PRODUCTS

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.4.0.15

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.7.0

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.5.0

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 7.0.2

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.6.5.2

Trust: 1.0

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: eq, version: cisco firepower threat defense software

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: eq, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20730
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20730
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20730
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202204-4494
value: HIGH

Trust: 0.6

VULHUB: VHN-405283
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-20730
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-405283
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20730
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20730
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2022-20730
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405283 // JVNDB: JVNDB-2022-010593 // CNNVD: CNNVD-202204-4494 // NVD: CVE-2022-20730 // NVD: CVE-2022-20730

PROBLEMTYPE DATA

problemtype: CWE-241

Trust: 1.0

problemtype: NVD-CWE-Other

Trust: 1.0

problemtype: others (CWE-Other) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4494

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-4494

PATCH

title: cisco-sa-ftd-sidns-bypass-3PzA5pO, url: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO

Trust: 0.8

title: Cisco Firepower Threat Defense Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192606

Trust: 0.6

title: Cisco: Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability, url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-sidns-bypass-3PzA5pO

Trust: 0.1

sources: VULMON: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // CNNVD: CNNVD-202204-4494

EXTERNAL IDS

db: NVD, id: CVE-2022-20730

Trust: 3.4

db: JVNDB, id: JVNDB-2022-010593

Trust: 0.8

db: CS-HELP, id: SB2022042815

Trust: 0.6

db: AUSCERT, id: ESB-2022.1919

Trust: 0.6

db: CNNVD, id: CNNVD-202204-4494

Trust: 0.6

db: CNVD, id: CNVD-2022-43398

Trust: 0.1

db: VULHUB, id: VHN-405283

Trust: 0.1

db: VULMON, id: CVE-2022-20730

Trust: 0.1

sources: VULHUB: VHN-405283 // VULMON: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // CNNVD: CNNVD-202204-4494 // NVD: CVE-2022-20730

REFERENCES

url: https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-sidns-bypass-3pza5po

Trust: 2.4

url: https://nvd.nist.gov/vuln/detail/cve-2022-20730

Trust: 0.8

url: https://www.cybersecurity-help.cz/vdb/sb2022042815

Trust: 0.6

url: https://www.auscert.org.au/bulletins/esb-2022.1919

Trust: 0.6

url: https://cxsecurity.com/cveshow/cve-2022-20730/

Trust: 0.6

sources: VULHUB: VHN-405283 // VULMON: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // CNNVD: CNNVD-202204-4494 // NVD: CVE-2022-20730

SOURCES

db: VULHUB, id: VHN-405283
db: VULMON, id: CVE-2022-20730
db: JVNDB, id: JVNDB-2022-010593
db: CNNVD, id: CNNVD-202204-4494
db: NVD, id: CVE-2022-20730

LAST UPDATE DATE

2024-11-23T22:10:47.138000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-405283, date: 2022-05-12T00:00:00
db: JVNDB, id: JVNDB-2022-010593, date: 2023-08-16T05:27:00
db: CNNVD, id: CNNVD-202204-4494, date: 2022-05-13T00:00:00
db: NVD, id: CVE-2022-20730, date: 2024-11-21T06:43:26.033

SOURCES RELEASE DATE

db: VULHUB, id: VHN-405283, date: 2022-05-03T00:00:00
db: JVNDB, id: JVNDB-2022-010593, date: 2023-08-16T00:00:00
db: CNNVD, id: CNNVD-202204-4494, date: 2022-04-27T00:00:00
db: NVD, id: CVE-2022-20730, date: 2022-05-03T04:15:09.120