ID

VAR-202204-2026


CVE

CVE-2022-20748


TITLE

Cisco Firepower Threat Defense Software vulnerability in handling exceptional conditions in

Trust: 0.8

sources: JVNDB: JVNDB-2022-010993

DESCRIPTION

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-amp-local-dos-CUfwRJXT This advisory is part of the April 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: April 2022 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Trust: 1.8

sources: NVD: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // VULHUB: VHN-405301 // VULMON: CVE-2022-20748

AFFECTED PRODUCTS

vendor: cisco, model: firepower threat defense, scope: eq, version: 7.0.0

Trust: 1.0

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: eq, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: eq, version: cisco firepower threat defense software

Trust: 0.8

sources: JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-20748
value: MEDIUM

Trust: 1.8

ykramarz@cisco.com: CVE-2022-20748
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202204-4490
value: MEDIUM

Trust: 0.6

VULHUB: VHN-405301
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2022-20748
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-405301
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2022-20748
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-405301 // JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748 // NVD: CVE-2022-20748 // CNNVD: CNNVD-202204-4490

PROBLEMTYPE DATA

problemtype:CWE-755

Trust: 1.0

problemtype: Improper handling in exceptional conditions (CWE-755) [NVD evaluation]

Trust: 0.8

problemtype:CWE-400

Trust: 0.1

sources: VULHUB: VHN-405301 // JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-4490

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202204-4490

CONFIGURATIONS

sources: NVD: CVE-2022-20748

PATCH

title: cisco-sa-ftd-amp-local-dos-CUfwRJXT, url: https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-amp-local-dos-cufwrjxt

Trust: 0.8

title: Cisco Firepower Threat Defense Remediation of resource management error vulnerabilities, url: http://123.124.177.30/web/xxk/bdxqbyid.tag?id=192813

Trust: 0.6

title: Cisco: Cisco Firepower Threat Defense Software Local Malware Analysis Denial of Service Vulnerability, url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-amp-local-dos-cufwrjxt

Trust: 0.1

sources: VULMON: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // CNNVD: CNNVD-202204-4490

EXTERNAL IDS

db: NVD, id: CVE-2022-20748

Trust: 3.4

db: JVNDB, id: JVNDB-2022-010993

Trust: 0.8

db: CS-HELP, id: SB2022042813

Trust: 0.6

db: AUSCERT, id: ESB-2022.1918

Trust: 0.6

db: CNNVD, id: CNNVD-202204-4490

Trust: 0.6

db: VULHUB, id: VHN-405301

Trust: 0.1

db: VULMON, id: CVE-2022-20748

Trust: 0.1

sources: VULHUB: VHN-405301 // VULMON: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748 // CNNVD: CNNVD-202204-4490

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-amp-local-dos-cufwrjxt

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20748

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-20748/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042813

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1918

Trust: 0.6

sources: VULHUB: VHN-405301 // VULMON: CVE-2022-20748 // JVNDB: JVNDB-2022-010993 // NVD: CVE-2022-20748 // CNNVD: CNNVD-202204-4490

SOURCES

db: VULHUB, id: VHN-405301
db: VULMON, id: CVE-2022-20748
db: JVNDB, id: JVNDB-2022-010993
db: NVD, id: CVE-2022-20748
db: CNNVD, id: CNNVD-202204-4490

LAST UPDATE DATE

2023-12-18T13:22:28.086000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-405301, date: 2022-05-13T00:00:00
db: JVNDB, id: JVNDB-2022-010993, date: 2023-08-18T05:40:00
db: NVD, id: CVE-2022-20748, date: 2023-11-07T03:42:49.897
db: CNNVD, id: CNNVD-202204-4490, date: 2023-06-28T00:00:00

SOURCES RELEASE DATE

db: VULHUB, id: VHN-405301, date: 2022-05-03T00:00:00
db: JVNDB, id: JVNDB-2022-010993, date: 2023-08-18T00:00:00
db: NVD, id: CVE-2022-20748, date: 2022-05-03T04:15:09.627
db: CNNVD, id: CNNVD-202204-4490, date: 2022-04-27T00:00:00