ID

VAR-202204-2009


CVE

CVE-2022-20729


TITLE

Cisco Firepower Threat Defense  blinds in software  XPath  Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-010594

DESCRIPTION

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output. (DoS) It may be in a state. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20729 // JVNDB: JVNDB-2022-010594 // VULHUB: VHN-405282 // VULMON: CVE-2022-20729

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.7.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.15

Trust: 1.0

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion:cisco firepower threat defense software

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010594 // NVD: CVE-2022-20729

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20729
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20729
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20729
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202204-4499
value: HIGH

Trust: 0.6

VULHUB: VHN-405282
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-20729
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-405282
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20729
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20729
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 2.5
version: 3.1

Trust: 1.0

NVD: CVE-2022-20729
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405282 // JVNDB: JVNDB-2022-010594 // CNNVD: CNNVD-202204-4499 // NVD: CVE-2022-20729 // NVD: CVE-2022-20729

PROBLEMTYPE DATA

problemtype:CWE-91

Trust: 1.1

problemtype:BLIND XPath injection (CWE-91) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405282 // JVNDB: JVNDB-2022-010594 // NVD: CVE-2022-20729

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202204-4499

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-4499

PATCH

title:cisco-sa-ftd-xmlinj-8GWjGzKeurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe

Trust: 0.8

title:Cisco Firepower Threat Defense Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192607

Trust: 0.6

title:Cisco: Cisco Firepower Threat Defense Software XML Injection Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-xmlinj-8GWjGzKe

Trust: 0.1

sources: VULMON: CVE-2022-20729 // JVNDB: JVNDB-2022-010594 // CNNVD: CNNVD-202204-4499

EXTERNAL IDS

db:NVDid:CVE-2022-20729

Trust: 3.4

db:JVNDBid:JVNDB-2022-010594

Trust: 0.8

db:CS-HELPid:SB2022042815

Trust: 0.6

db:AUSCERTid:ESB-2022.1922

Trust: 0.6

db:CNNVDid:CNNVD-202204-4499

Trust: 0.6

db:CNVDid:CNVD-2022-43397

Trust: 0.1

db:VULHUBid:VHN-405282

Trust: 0.1

db:VULMONid:CVE-2022-20729

Trust: 0.1

sources: VULHUB: VHN-405282 // VULMON: CVE-2022-20729 // JVNDB: JVNDB-2022-010594 // CNNVD: CNNVD-202204-4499 // NVD: CVE-2022-20729

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-xmlinj-8gwjgzke

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20729

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022042815

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20729/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1922

Trust: 0.6

sources: VULHUB: VHN-405282 // VULMON: CVE-2022-20729 // JVNDB: JVNDB-2022-010594 // CNNVD: CNNVD-202204-4499 // NVD: CVE-2022-20729

SOURCES

db:VULHUBid:VHN-405282
db:VULMONid:CVE-2022-20729
db:JVNDBid:JVNDB-2022-010594
db:CNNVDid:CNNVD-202204-4499
db:NVDid:CVE-2022-20729

LAST UPDATE DATE

2024-08-14T15:21:50.507000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405282date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2022-010594date:2023-08-16T05:33:00
db:CNNVDid:CNNVD-202204-4499date:2022-05-13T00:00:00
db:NVDid:CVE-2022-20729date:2023-11-07T03:42:46.340

SOURCES RELEASE DATE

db:VULHUBid:VHN-405282date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-010594date:2023-08-16T00:00:00
db:CNNVDid:CNNVD-202204-4499date:2022-04-27T00:00:00
db:NVDid:CVE-2022-20729date:2022-05-03T04:15:09.063