Details of VAR-202211-1267

ID

VAR-202211-1267

CVE

CVE-2022-20928

TITLE

Cisco Systems Cisco Adaptive Security Appliance software and Cisco Firepower Threat Defense Fraudulent Authentication Vulnerability in Software

Trust: 0.8

sources: JVNDB: JVNDB-2022-022935

DESCRIPTION

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must have valid credentials to establish a VPN connection. A successful exploit could allow the attacker to establish a VPN connection with access privileges from a different user

Trust: 1.71

sources: NVD: CVE-2022-20928 // JVNDB: JVNDB-2022-022935 // VULHUB: VHN-405481

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.26	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.8	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.15	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.43	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.22	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.5.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.27	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.85	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.45	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.1.28	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.1.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.61	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.5.0.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.5.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.21	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.24	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.21	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.24	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.44	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.83	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.27	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.19	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.1.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.20	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.28	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.66	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.67	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.23	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.30	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.9	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.16	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.20	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.3.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.74	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.23	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.22	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.38	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.26	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.39	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.15	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.39	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.20	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.40	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.2.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.24	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.2.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.16	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.2.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.40	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.3.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.32	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.13	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.21	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.11	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.29	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.38	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.20	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.2.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.29	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.24	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.1.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.41	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.36	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.22	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.1.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.21	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.1.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.30	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.30	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.30	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.11	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.1.7	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.1.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.19	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.42	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.13	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.25	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.37	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.17	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.40	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.40	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.16	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.2.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.15	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.7	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.14	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	7.1.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.47	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.8	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.34	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.32	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.25	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.2.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.11	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.7.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.22	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.56	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.35	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.2.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.26	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.16	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.5.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.37	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.80	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.3.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.32	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.17.1.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.29	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.36	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.14	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.3.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.44	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.34	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.1.6	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.16.2.13	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.6	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.3.8	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.42	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.4.26	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.13.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1.2	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.33	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.12.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.50	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.45	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.4.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.41	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.18	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.6.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.1.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.25	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.4.29	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.15.1.16	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.5.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.33	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.4.35	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7.1.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.52	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.2.35	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.14.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.18	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9.2.59	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco adaptive security appliance ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-022935 // NVD: CVE-2022-20928

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-20928
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2022-20928
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-20928
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202211-2445
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-20928
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
NVD:	CVE-2022-20928
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-022935 // CNNVD: CNNVD-202211-2445 // NVD: CVE-2022-20928 // NVD: CVE-2022-20928

PROBLEMTYPE DATA

problemtype:	CWE-863	Trust: 1.1
problemtype:	Illegal authentication (CWE-863) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-405481 // JVNDB: JVNDB-2022-022935 // NVD: CVE-2022-20928

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2445

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202211-2445

PATCH

title:	cisco-sa-asa-ftd-vp-authz-N2GckjN6	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-vp-authz-N2GckjN6	Trust: 0.8
title:	Cisco Adaptive Security Appliance ( ASA ) Software and Cisco Firepower Threat Defense ( FTD ) Software Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=213552	Trust: 0.6

sources: JVNDB: JVNDB-2022-022935 // CNNVD: CNNVD-202211-2445

EXTERNAL IDS

db:	NVD	id:	CVE-2022-20928	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-022935	Trust: 0.8
db:	CNNVD	id:	CNNVD-202211-2445	Trust: 0.6
db:	VULHUB	id:	VHN-405481	Trust: 0.1

sources: VULHUB: VHN-405481 // JVNDB: JVNDB-2022-022935 // CNNVD: CNNVD-202211-2445 // NVD: CVE-2022-20928

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2022-20928	Trust: 1.4
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-ftd-vp-authz-n2gckjn6	Trust: 1.0
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-ftd-vp-authz-n2gckjn6	Trust: 0.7
url:	https://vigilance.fr/vulnerability/cisco-asa-user-access-via-vpn-authentication-39884	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-20928/	Trust: 0.6

sources: VULHUB: VHN-405481 // JVNDB: JVNDB-2022-022935 // CNNVD: CNNVD-202211-2445 // NVD: CVE-2022-20928

SOURCES

db:	VULHUB	id:	VHN-405481
db:	JVNDB	id:	JVNDB-2022-022935
db:	CNNVD	id:	CNNVD-202211-2445
db:	NVD	id:	CVE-2022-20928

LAST UPDATE DATE

2024-08-14T15:21:29.974000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-405481	date:	2022-11-21T00:00:00
db:	JVNDB	id:	JVNDB-2022-022935	date:	2023-11-21T07:53:00
db:	CNNVD	id:	CNNVD-202211-2445	date:	2022-11-22T00:00:00
db:	NVD	id:	CVE-2022-20928	date:	2024-01-25T17:15:19.530

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-405481	date:	2022-11-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-022935	date:	2023-11-21T00:00:00
db:	CNNVD	id:	CNNVD-202211-2445	date:	2022-11-09T00:00:00
db:	NVD	id:	CVE-2022-20928	date:	2022-11-15T21:15:32.720