Details of VAR-202211-0962

ID

VAR-202211-0962

CVE

CVE-2022-20940

TITLE

Cisco Systems Cisco Firepower Threat Defense Observable discrepancy vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2022-022981

DESCRIPTION

A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit this vulnerability by sending crafted TLS messages to an affected device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device

Trust: 1.71

sources: NVD: CVE-2022-20940 // JVNDB: JVNDB-2022-022981 // VULHUB: VHN-405493

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.4.0.14	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.2.3.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.5.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.1	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.0	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 7.1.0.0	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 7.1.0.1	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.0.1	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.1	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.5.0 to 6.5.0.5	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.4.0 to 6.4.0.14	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.3	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 7.1.0.2	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 7.0.0 to 7.0.3	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.4	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.5.1	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.2.3 to 6.2.3.18	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.5.2	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.3.0 to 6.3.0.5	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.6.5	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software 6.7.0 to 6.7.0.3	Trust: 0.8

sources: JVNDB: JVNDB-2022-022981 // NVD: CVE-2022-20940

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20940
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20940
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-20940
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202211-2501
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-20940
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
NVD:	CVE-2022-20940
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022981 // CNNVD: CNNVD-202211-2501 // NVD: CVE-2022-20940 // NVD: CVE-2022-20940

PROBLEMTYPE DATA

problemtype:	CWE-203	Trust: 1.1
problemtype:	Observable discrepancy (CWE-203) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-405493 // JVNDB: JVNDB-2022-022981 // NVD: CVE-2022-20940

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2501

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202211-2501

PATCH

title:	cisco-sa-ftd-tls-bb-rCgtmY2	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-bb-rCgtmY2	Trust: 0.8
title:	Cisco Firepower Threat Defense Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=213597	Trust: 0.6

sources: JVNDB: JVNDB-2022-022981 // CNNVD: CNNVD-202211-2501

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20940	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022981	Trust: 0.8
db:	CNNVD	id:	CNNVD-202211-2501	Trust: 0.6
db:	CNVD	id:	CNVD-2022-78142	Trust: 0.1
db:	VULHUB	id:	VHN-405493	Trust: 0.1

sources: VULHUB: VHN-405493 // JVNDB: JVNDB-2022-022981 // CNNVD: CNNVD-202211-2501 // NVD: CVE-2022-20940

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2022-20940	Trust: 1.4
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-tls-bb-rcgtmy2	Trust: 1.0
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-tls-bb-rcgtmy2	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-20940/	Trust: 0.6

sources: VULHUB: VHN-405493 // JVNDB: JVNDB-2022-022981 // CNNVD: CNNVD-202211-2501 // NVD: CVE-2022-20940

SOURCES

db:	VULHUB	id:	VHN-405493
db:	JVNDB	id:	JVNDB-2022-022981
db:	CNNVD	id:	CNNVD-202211-2501
db:	NVD	id:	CVE-2022-20940

LAST UPDATE DATE

2024-08-14T14:55:08.894000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405493	date:	2022-11-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-022981	date:	2023-11-24T01:54:00
db:	CNNVD	id:	CNNVD-202211-2501	date:	2022-11-23T00:00:00
db:	NVD	id:	CVE-2022-20940	date:	2024-01-25T17:15:20.583

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405493	date:	2022-11-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-022981	date:	2023-11-24T00:00:00
db:	CNNVD	id:	CNNVD-202211-2501	date:	2022-11-09T00:00:00
db:	NVD	id:	CVE-2022-20940	date:	2022-11-15T21:15:34.650