Details of VAR-202211-0563

ID

VAR-202211-0563

CVE

CVE-2022-20924

TITLE

Cisco Systems Cisco Adaptive Security Appliance software and Cisco Firepower Threat Defense Input validation vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2022-022983

DESCRIPTION

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition

Trust: 1.71

sources: NVD: CVE-2022-20924 // JVNDB: JVNDB-2022-022983 // VULHUB: VHN-405477

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.19	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.3.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.18	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.30	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.4.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.18.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.13	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.2.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.15	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.13	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.4.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.3.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.21	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.16	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.2.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.4.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.2.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.9	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco adaptive security appliance ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-022983 // NVD: CVE-2022-20924

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20924
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20924
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-20924
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202211-2437
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-20924
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20924
baseSeverity:	HIGH
baseScore:	7.7
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.1
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2022-20924
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022983 // CNNVD: CNNVD-202211-2437 // NVD: CVE-2022-20924 // NVD: CVE-2022-20924

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.1
problemtype:	CWE-703	Trust: 1.0
problemtype:	Inappropriate input confirmation (CWE-20) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-405477 // JVNDB: JVNDB-2022-022983 // NVD: CVE-2022-20924

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2437

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202211-2437

PATCH

title:	cisco-sa-asaftd-snmp-dos-qsqBNM6x	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x	Trust: 0.8
title:	Cisco Firepower Threat Defense Enter the fix for the verification error vulnerability	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=215183	Trust: 0.6

sources: JVNDB: JVNDB-2022-022983 // CNNVD: CNNVD-202211-2437

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20924	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022983	Trust: 0.8
db:	CNNVD	id:	CNNVD-202211-2437	Trust: 0.6
db:	VULHUB	id:	VHN-405477	Trust: 0.1

sources: VULHUB: VHN-405477 // JVNDB: JVNDB-2022-022983 // CNNVD: CNNVD-202211-2437 // NVD: CVE-2022-20924

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2022-20924	Trust: 1.4
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-snmp-dos-qsqbnm6x	Trust: 1.0
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-snmp-dos-qsqbnm6x	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-20924/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-snmp-39887	Trust: 0.6

sources: VULHUB: VHN-405477 // JVNDB: JVNDB-2022-022983 // CNNVD: CNNVD-202211-2437 // NVD: CVE-2022-20924

SOURCES

db:	VULHUB	id:	VHN-405477
db:	JVNDB	id:	JVNDB-2022-022983
db:	CNNVD	id:	CNNVD-202211-2437
db:	NVD	id:	CVE-2022-20924

LAST UPDATE DATE

2024-08-14T14:02:14.255000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405477	date:	2022-11-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-022983	date:	2023-11-24T01:54:00
db:	CNNVD	id:	CNNVD-202211-2437	date:	2022-11-23T00:00:00
db:	NVD	id:	CVE-2022-20924	date:	2024-01-25T17:15:19.013

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405477	date:	2022-11-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-022983	date:	2023-11-24T00:00:00
db:	CNNVD	id:	CNNVD-202211-2437	date:	2022-11-09T00:00:00
db:	NVD	id:	CVE-2022-20924	date:	2022-11-15T21:15:31.730