ID

VAR-202204-2026


CVE

CVE-2022-20748


TITLE

Cisco Firepower Threat Defense Software  Vulnerability in handling exceptional conditions in

Trust: 0.8

sources: JVNDB: JVNDB-2022-010993

DESCRIPTION

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication

Trust: 1.8

sources: NVD: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // VULHUB: VHN-405301 // VULMON: CVE-2022-20748

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:eqversion:7.0.0

Trust: 1.0

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion:cisco firepower threat defense software

Trust: 0.8

sources: JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20748
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20748
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-20748
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202204-4490
value: MEDIUM

Trust: 0.6

VULHUB: VHN-405301
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-20748
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-405301
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-20748
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2022-20748
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405301 // JVNDB: JVNDB-2022-010993 // CNNVD: CNNVD-202204-4490 // NVD: CVE-2022-20748 // NVD: CVE-2022-20748

PROBLEMTYPE DATA

problemtype:CWE-664

Trust: 1.0

problemtype:CWE-755

Trust: 1.0

problemtype:Improper handling in exceptional conditions (CWE-755) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-400

Trust: 0.1

sources: VULHUB: VHN-405301 // JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4490

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202204-4490

PATCH

title:cisco-sa-ftd-amp-local-dos-CUfwRJXTurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT

Trust: 0.8

title:Cisco Firepower Threat Defense Remediation of resource management error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=192813

Trust: 0.6

title:Cisco: Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-amp-local-dos-CUfwRJXT

Trust: 0.1

sources: VULMON: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // CNNVD: CNNVD-202204-4490

EXTERNAL IDS

db:NVDid:CVE-2022-20748

Trust: 3.4

db:JVNDBid:JVNDB-2022-010993

Trust: 0.8

db:CS-HELPid:SB2022042813

Trust: 0.6

db:AUSCERTid:ESB-2022.1918

Trust: 0.6

db:CNNVDid:CNNVD-202204-4490

Trust: 0.6

db:VULHUBid:VHN-405301

Trust: 0.1

db:VULMONid:CVE-2022-20748

Trust: 0.1

sources: VULHUB: VHN-405301 // VULMON: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // CNNVD: CNNVD-202204-4490 // NVD: CVE-2022-20748

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-amp-local-dos-cufwrjxt

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20748

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-20748/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042813

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1918

Trust: 0.6

sources: VULHUB: VHN-405301 // VULMON: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // CNNVD: CNNVD-202204-4490 // NVD: CVE-2022-20748

SOURCES

db:VULHUBid:VHN-405301
db:VULMONid:CVE-2022-20748
db:JVNDBid:JVNDB-2022-010993
db:CNNVDid:CNNVD-202204-4490
db:NVDid:CVE-2022-20748

LAST UPDATE DATE

2024-08-14T13:53:23.412000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-405301date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-010993date:2023-08-18T05:40:00
db:CNNVDid:CNNVD-202204-4490date:2023-06-28T00:00:00
db:NVDid:CVE-2022-20748date:2023-11-07T03:42:49.897

SOURCES RELEASE DATE

db:VULHUBid:VHN-405301date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2022-010993date:2023-08-18T00:00:00
db:CNNVDid:CNNVD-202204-4490date:2022-04-27T00:00:00
db:NVDid:CVE-2022-20748date:2022-05-03T04:15:09.627