Lucene search

[email protected]CVE-2022-20918

HistoryNov 15, 2022 - 9:15 p.m.

CVE-2022-20918

2022-11-1521:15:29

CWE-284

CWE-287

[email protected]

web.nvd.nist.gov

cisco

snmp

access controls

vulnerability

cisco firepower

asa

fmc

ngips

remote attacker

default credential

exploit

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.7%

JSON

A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS) Software could allow an unauthenticated, remote attacker to perform an SNMP GET request using a default credential.

This vulnerability is due to the presence of a default credential for SNMP version 1 (SNMPv1) and SNMP version 2 (SNMPv2). An attacker could exploit this vulnerability by sending an SNMPv1 or SNMPv2 GET request to an affected device. A successful exploit could allow the attacker to retrieve sensitive information from the device using the default credential.

This attack will only be successful if SNMP is configured, and the attacker can only perform SNMP GET requests; write access using SNMP is not allowed.

Affected configurations

NVD

Node

ciscofirepower_management_centerRange7.0.0–7.0.5

ciscofirepower_services_software_for_asaMatch-

CPENameOperatorVersion
cisco:firepower_management_centercisco firepower management centerlt7.0.5
cisco:firepower_services_software_for_asacisco firepower services software for asaeq-

CPE	Name	Operator	Version
cisco:firepower_management_center	cisco firepower management center	lt	7.0.5
cisco:firepower_services_software_for_asa	cisco firepower services software for asa	eq	-

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Management Center",
    "versions": [
      {
        "version": "7.0.0",
        "status": "affected"
      },
      {
        "version": "7.0.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1.1",
        "status": "affected"
      },
      {
        "version": "7.0.2",
        "status": "affected"
      },
      {
        "version": "7.0.2.1",
        "status": "affected"
      },
      {
        "version": "7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.4",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco FirePOWER Services Software for ASA",
    "versions": [
      {
        "version": "N/A",
        "status": "affected"
      }
    ]
  }
]

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcsfr-snmp-access-6gqgtJ4S

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.7%

JSON

Related for CVE-2022-20918

prion1 cvelist1 nvd1 cisco1