Sign-up

ID

VAR-202204-2009


CVE

CVE-2022-20729


TITLE

Cisco Firepower Threat Defense  blinds in software  XPath  Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-010594

DESCRIPTION

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output. (DoS) It may be in a state. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-xmlinj-8GWjGzKe This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20729 // JVNDB: JVNDB-2022-010594 // VULHUB: VHN-405282 // VULMON: CVE-2022-20729

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:gteversion:6.7.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.0.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.15

Trust: 1.0

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion:cisco firepower threat defense software

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-010594 // NVD: CVE-2022-20729

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-20729
value: HIGH

Trust: 1.8

ykramarz@cisco.com: CVE-2022-20729
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202204-4499
value: HIGH

Trust: 0.6

VULHUB: VHN-405282
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2022-20729
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-405282
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com:
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 2.5
version: 3.1

Trust: 1.0

NVD: CVE-2022-20729
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405282 // JVNDB: JVNDB-2022-010594 // NVD: CVE-2022-20729 // NVD: CVE-2022-20729 // CNNVD: CNNVD-202204-4499

PROBLEMTYPE DATA

problemtype:CWE-91

Trust: 1.1

problemtype:BLIND XPath injection (CWE-91) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-405282 // JVNDB: JVNDB-2022-010594 // NVD: CVE-2022-20729

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202204-4499

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-4499

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2022-20729

PATCH
title:cisco-sa-ftd-xmlinj-8GWjGzKeurl:https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-xmlinj-8gwjgzke
Trust: 0.8
title:Cisco Firepower Threat Defense Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=192607
Trust: 0.6
title:Cisco: Cisco Firepower Threat Defense Software XML Injection Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-xmlinj-8gwjgzke
Trust: 0.1
sources:
            
            
            VULMON: CVE-2022-20729 // 
            
            
            
            JVNDB: JVNDB-2022-010594 // 
            
            
            
            CNNVD: CNNVD-202204-4499

EXTERNAL IDS
db:NVDid:CVE-2022-20729
Trust: 3.4
db:JVNDBid:JVNDB-2022-010594
Trust: 0.8
db:CS-HELPid:SB2022042815
Trust: 0.6
db:AUSCERTid:ESB-2022.1922
Trust: 0.6
db:CNNVDid:CNNVD-202204-4499
Trust: 0.6
db:CNVDid:CNVD-2022-43397
Trust: 0.1
db:VULHUBid:VHN-405282
Trust: 0.1
db:VULMONid:CVE-2022-20729
Trust: 0.1
sources:
            
            
            VULHUB: VHN-405282 // 
            
            
            
            VULMON: CVE-2022-20729 // 
            
            
            
            JVNDB: JVNDB-2022-010594 // 
            
            
            
            NVD: CVE-2022-20729 // 
            
            
            
            CNNVD: CNNVD-202204-4499

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-xmlinj-8gwjgzke
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2022-20729
Trust: 0.8
url:https://www.cybersecurity-help.cz/vdb/sb2022042815
Trust: 0.6
url:https://cxsecurity.com/cveshow/cve-2022-20729/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2022.1922
Trust: 0.6
sources:
            
            
            VULHUB: VHN-405282 // 
            
            
            
            VULMON: CVE-2022-20729 // 
            
            
            
            JVNDB: JVNDB-2022-010594 // 
            
            
            
            NVD: CVE-2022-20729 // 
            
            
            
            CNNVD: CNNVD-202204-4499

SOURCES
db:VULHUBid:VHN-405282
db:VULMONid:CVE-2022-20729
db:JVNDBid:JVNDB-2022-010594
db:NVDid:CVE-2022-20729
db:CNNVDid:CNNVD-202204-4499

LAST UPDATE DATE
2023-12-18T13:32:13.384000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-405282date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2022-010594date:2023-08-16T05:33:00
db:NVDid:CVE-2022-20729date:2023-11-07T03:42:46.340
db:CNNVDid:CNNVD-202204-4499date:2022-05-13T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-405282date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-010594date:2023-08-16T00:00:00
db:NVDid:CVE-2022-20729date:2022-05-03T04:15:09.063
db:CNNVDid:CNNVD-202204-4499date:2022-04-27T00:00:00