Details of VAR-202211-1092

ID

VAR-202211-1092

CVE

CVE-2022-20854

TITLE

Cisco Systems Cisco Firepower Management Center Software and Cisco Firepower Threat Defense Exceptional State Handling Vulnerability in Software

Trust: 0.8

sources: JVNDB: JVNDB-2022-022881

DESCRIPTION

A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device

Trust: 1.71

sources: NVD: CVE-2022-20854 // JVNDB: JVNDB-2022-022881 // VULHUB: VHN-405407

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.5.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.2	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.2.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.1.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.2.2.5	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.2.3.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.2.2	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.1.0.7	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.1.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.2.2.5	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.2.3.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.2.0.6	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.0.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.1.0.7	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.2.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.2	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.4	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.1.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.5.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.4.0.15	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.2.0.6	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.2.3	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	gte	version:	6.2.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.4	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.5.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.5.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.2.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.1.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lte	version:	6.4.0.15	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.6.5	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco firepower management center software	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-022881 // NVD: CVE-2022-20854

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20854
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20854
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-20854
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202211-2487
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-20854
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2022-20854
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022881 // CNNVD: CNNVD-202211-2487 // NVD: CVE-2022-20854 // NVD: CVE-2022-20854

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.1
problemtype:	CWE-755	Trust: 1.0
problemtype:	Improper handling in exceptional conditions (CWE-755) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-405407 // JVNDB: JVNDB-2022-022881 // NVD: CVE-2022-20854

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2487

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202211-2487

PATCH

title:	cisco-sa-fmc-dos-OwEunWJN	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN	Trust: 0.8
title:	Cisco Firepower Management Center and Firepower Threat Defense Remediation of resource management error vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=213584	Trust: 0.6

sources: JVNDB: JVNDB-2022-022881 // CNNVD: CNNVD-202211-2487

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20854	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022881	Trust: 0.8
db:	CNNVD	id:	CNNVD-202211-2487	Trust: 0.6
db:	VULHUB	id:	VHN-405407	Trust: 0.1

sources: VULHUB: VHN-405407 // JVNDB: JVNDB-2022-022881 // CNNVD: CNNVD-202211-2487 // NVD: CVE-2022-20854

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2022-20854	Trust: 1.4
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-fmc-dos-oweunwjn	Trust: 1.0
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-fmc-dos-oweunwjn	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-20854/	Trust: 0.6

sources: VULHUB: VHN-405407 // JVNDB: JVNDB-2022-022881 // CNNVD: CNNVD-202211-2487 // NVD: CVE-2022-20854

SOURCES

db:	VULHUB	id:	VHN-405407
db:	JVNDB	id:	JVNDB-2022-022881
db:	CNNVD	id:	CNNVD-202211-2487
db:	NVD	id:	CVE-2022-20854

LAST UPDATE DATE

2024-08-14T14:30:51.777000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405407	date:	2022-11-17T00:00:00
db:	JVNDB	id:	JVNDB-2022-022881	date:	2023-11-21T04:54:00
db:	CNNVD	id:	CNNVD-202211-2487	date:	2022-11-18T00:00:00
db:	NVD	id:	CVE-2022-20854	date:	2024-01-25T17:15:17.553

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405407	date:	2022-11-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-022881	date:	2023-11-21T00:00:00
db:	CNNVD	id:	CNNVD-202211-2487	date:	2022-11-09T00:00:00
db:	NVD	id:	CVE-2022-20854	date:	2022-11-15T21:15:27.867