Details of VAR-202204-2008

ID

VAR-202204-2008

CVE

CVE-2022-20730

TITLE

Cisco Firepower Threat Defense Software vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-010593

DESCRIPTION

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device. Cisco Firepower Threat Defense (FTD) There are unspecified vulnerabilities in the software.Information may be tampered with. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-sidns-bypass-3PzA5pO This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // VULHUB: VHN-405283 // VULMON: CVE-2022-20730

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.5.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	7.0.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.15	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2022-20730
value:	HIGH
Trust: 1.8
ykramarz@cisco.com:	CVE-2022-20730
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-202204-4494
value:	HIGH
Trust: 0.6
VULHUB:	VHN-405283
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2022-20730
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-405283
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:
baseSeverity:	MEDIUM
baseScore:	4.0
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2022-20730
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-405283 // JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730 // NVD: CVE-2022-20730 // CNNVD: CNNVD-202204-4494

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4494

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-4494

CONFIGURATIONS

sources: NVD: CVE-2022-20730

PATCH

title:	cisco-sa-ftd-sidns-bypass-3PzA5pO	url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-sidns-bypass-3pza5po	Trust: 0.8
title:	Cisco Firepower Threat Defense Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=192606	Trust: 0.6
title:	Cisco: Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-sidns-bypass-3pza5po	Trust: 0.1

sources: VULMON: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // CNNVD: CNNVD-202204-4494

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20730	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-010593	Trust: 0.8
db:	CS-HELP	id:	SB2022042815	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1919	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-4494	Trust: 0.6
db:	CNVD	id:	CNVD-2022-43398	Trust: 0.1
db:	VULHUB	id:	VHN-405283	Trust: 0.1
db:	VULMON	id:	CVE-2022-20730	Trust: 0.1

sources: VULHUB: VHN-405283 // VULMON: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730 // CNNVD: CNNVD-202204-4494

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-sidns-bypass-3pza5po	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2022-20730	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022042815	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1919	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-20730/	Trust: 0.6

sources: VULHUB: VHN-405283 // VULMON: CVE-2022-20730 // JVNDB: JVNDB-2022-010593 // NVD: CVE-2022-20730 // CNNVD: CNNVD-202204-4494

SOURCES

db:	VULHUB	id:	VHN-405283
db:	VULMON	id:	CVE-2022-20730
db:	JVNDB	id:	JVNDB-2022-010593
db:	NVD	id:	CVE-2022-20730
db:	CNNVD	id:	CNNVD-202204-4494

LAST UPDATE DATE

2023-12-18T13:32:13.411000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405283	date:	2022-05-12T00:00:00
db:	JVNDB	id:	JVNDB-2022-010593	date:	2023-08-16T05:27:00
db:	NVD	id:	CVE-2022-20730	date:	2023-11-07T03:42:46.553
db:	CNNVD	id:	CNNVD-202204-4494	date:	2022-05-13T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405283	date:	2022-05-03T00:00:00
db:	JVNDB	id:	JVNDB-2022-010593	date:	2023-08-16T00:00:00
db:	NVD	id:	CVE-2022-20730	date:	2022-05-03T04:15:09.120
db:	CNNVD	id:	CNNVD-202204-4494	date:	2022-04-27T00:00:00