Lucene search
HistoryNov 15, 2022 - 9:15 p.m.
CVE-2022-20924
cve-2022-20924
cisco
snmp
asa
ftd
vulnerability
dos
nvd
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
43.8%
A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareMatch9.14.1
ORciscoadaptive_security_appliance_softwareMatch9.14.1.6
ORciscoadaptive_security_appliance_softwareMatch9.14.1.10
ORciscoadaptive_security_appliance_softwareMatch9.14.1.15
ORciscoadaptive_security_appliance_softwareMatch9.14.1.19
ORciscoadaptive_security_appliance_softwareMatch9.14.1.30
ORciscoadaptive_security_appliance_softwareMatch9.14.2
ORciscoadaptive_security_appliance_softwareMatch9.14.2.4
ORciscoadaptive_security_appliance_softwareMatch9.14.2.8
ORciscoadaptive_security_appliance_softwareMatch9.14.2.13
ORciscoadaptive_security_appliance_softwareMatch9.14.2.15
ORciscoadaptive_security_appliance_softwareMatch9.14.3
ORciscoadaptive_security_appliance_softwareMatch9.14.3.1
ORciscoadaptive_security_appliance_softwareMatch9.14.3.9
ORciscoadaptive_security_appliance_softwareMatch9.14.3.11
ORciscoadaptive_security_appliance_softwareMatch9.14.3.13
ORciscoadaptive_security_appliance_softwareMatch9.14.3.15
ORciscoadaptive_security_appliance_softwareMatch9.14.3.18
ORciscoadaptive_security_appliance_softwareMatch9.14.4
ORciscoadaptive_security_appliance_softwareMatch9.14.4.6
ORciscoadaptive_security_appliance_softwareMatch9.14.4.7
ORciscoadaptive_security_appliance_softwareMatch9.14.4.12
ORciscoadaptive_security_appliance_softwareMatch9.15.1
ORciscoadaptive_security_appliance_softwareMatch9.15.1.1
ORciscoadaptive_security_appliance_softwareMatch9.15.1.7
ORciscoadaptive_security_appliance_softwareMatch9.15.1.10
ORciscoadaptive_security_appliance_softwareMatch9.15.1.15
ORciscoadaptive_security_appliance_softwareMatch9.15.1.16
ORciscoadaptive_security_appliance_softwareMatch9.15.1.17
ORciscoadaptive_security_appliance_softwareMatch9.15.1.21
ORciscoadaptive_security_appliance_softwareMatch9.16.3
ORciscoadaptive_security_appliance_softwareMatch9.16.3.3
ORciscoadaptive_security_appliance_softwareMatch9.16.3.14
ORciscoadaptive_security_appliance_softwareMatch9.17.1
ORciscoadaptive_security_appliance_softwareMatch9.17.1.7
ORciscoadaptive_security_appliance_softwareMatch9.17.1.9
ORciscoadaptive_security_appliance_softwareMatch9.17.1.10
ORciscoadaptive_security_appliance_softwareMatch9.17.1.11
ORciscoadaptive_security_appliance_softwareMatch9.17.1.13
ORciscoadaptive_security_appliance_softwareMatch9.17.1.15
ORciscoadaptive_security_appliance_softwareMatch9.18.1
Node
ciscofirepower_threat_defenseMatch6.6.0
ORciscofirepower_threat_defenseMatch6.6.0.1
ORciscofirepower_threat_defenseMatch6.6.1
ORciscofirepower_threat_defenseMatch6.6.3
ORciscofirepower_threat_defenseMatch6.6.4
ORciscofirepower_threat_defenseMatch6.6.5
ORciscofirepower_threat_defenseMatch6.6.5.1
ORciscofirepower_threat_defenseMatch6.6.5.2
ORciscofirepower_threat_defenseMatch6.7.0
ORciscofirepower_threat_defenseMatch6.7.0.1
ORciscofirepower_threat_defenseMatch6.7.0.2
ORciscofirepower_threat_defenseMatch6.7.0.3
ORciscofirepower_threat_defenseMatch7.0.0
ORciscofirepower_threat_defenseMatch7.0.0.1
ORciscofirepower_threat_defenseMatch7.0.1
ORciscofirepower_threat_defenseMatch7.0.1.1
ORciscofirepower_threat_defenseMatch7.0.2
ORciscofirepower_threat_defenseMatch7.0.2.1
ORciscofirepower_threat_defenseMatch7.0.3
ORciscofirepower_threat_defenseMatch7.1.0.0
ORciscofirepower_threat_defenseMatch7.1.0.1
ORciscofirepower_threat_defenseMatch7.1.0.2
ORciscofirepower_threat_defenseMatch7.2.0
ORciscofirepower_threat_defenseMatch7.2.0.1
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"versions": [
{
"version": "9.14.1",
"status": "affected"
},
{
"version": "9.14.1.10",
"status": "affected"
},
{
"version": "9.14.1.6",
"status": "affected"
},
{
"version": "9.14.1.15",
"status": "affected"
},
{
"version": "9.14.1.19",
"status": "affected"
},
{
"version": "9.14.1.30",
"status": "affected"
},
{
"version": "9.14.2",
"status": "affected"
},
{
"version": "9.14.2.4",
"status": "affected"
},
{
"version": "9.14.2.8",
"status": "affected"
},
{
"version": "9.14.2.13",
"status": "affected"
},
{
"version": "9.14.2.15",
"status": "affected"
},
{
"version": "9.14.3",
"status": "affected"
},
{
"version": "9.14.3.1",
"status": "affected"
},
{
"version": "9.14.3.9",
"status": "affected"
},
{
"version": "9.14.3.11",
"status": "affected"
},
{
"version": "9.14.3.13",
"status": "affected"
},
{
"version": "9.14.3.18",
"status": "affected"
},
{
"version": "9.14.3.15",
"status": "affected"
},
{
"version": "9.14.4",
"status": "affected"
},
{
"version": "9.14.4.6",
"status": "affected"
},
{
"version": "9.14.4.7",
"status": "affected"
},
{
"version": "9.14.4.12",
"status": "affected"
},
{
"version": "9.15.1",
"status": "affected"
},
{
"version": "9.15.1.7",
"status": "affected"
},
{
"version": "9.15.1.10",
"status": "affected"
},
{
"version": "9.15.1.15",
"status": "affected"
},
{
"version": "9.15.1.16",
"status": "affected"
},
{
"version": "9.15.1.17",
"status": "affected"
},
{
"version": "9.15.1.1",
"status": "affected"
},
{
"version": "9.15.1.21",
"status": "affected"
},
{
"version": "9.16.1",
"status": "affected"
},
{
"version": "9.16.1.28",
"status": "affected"
},
{
"version": "9.16.2",
"status": "affected"
},
{
"version": "9.16.2.3",
"status": "affected"
},
{
"version": "9.16.2.7",
"status": "affected"
},
{
"version": "9.16.2.11",
"status": "affected"
},
{
"version": "9.16.2.13",
"status": "affected"
},
{
"version": "9.16.2.14",
"status": "affected"
},
{
"version": "9.16.3",
"status": "affected"
},
{
"version": "9.16.3.3",
"status": "affected"
},
{
"version": "9.16.3.14",
"status": "affected"
},
{
"version": "9.17.1",
"status": "affected"
},
{
"version": "9.17.1.7",
"status": "affected"
},
{
"version": "9.17.1.9",
"status": "affected"
},
{
"version": "9.17.1.10",
"status": "affected"
},
{
"version": "9.17.1.11",
"status": "affected"
},
{
"version": "9.17.1.13",
"status": "affected"
},
{
"version": "9.17.1.15",
"status": "affected"
},
{
"version": "9.18.1",
"status": "affected"
}
]
},
{
"vendor": "Cisco",
"product": "Cisco Firepower Threat Defense Software",
"versions": [
{
"version": "6.6.0",
"status": "affected"
},
{
"version": "6.6.0.1",
"status": "affected"
},
{
"version": "6.6.1",
"status": "affected"
},
{
"version": "6.6.3",
"status": "affected"
},
{
"version": "6.6.4",
"status": "affected"
},
{
"version": "6.6.5",
"status": "affected"
},
{
"version": "6.6.5.1",
"status": "affected"
},
{
"version": "6.6.5.2",
"status": "affected"
},
{
"version": "6.7.0",
"status": "affected"
},
{
"version": "6.7.0.1",
"status": "affected"
},
{
"version": "6.7.0.2",
"status": "affected"
},
{
"version": "6.7.0.3",
"status": "affected"
},
{
"version": "7.0.0",
"status": "affected"
},
{
"version": "7.0.0.1",
"status": "affected"
},
{
"version": "7.0.1",
"status": "affected"
},
{
"version": "7.0.1.1",
"status": "affected"
},
{
"version": "7.0.2",
"status": "affected"
},
{
"version": "7.0.2.1",
"status": "affected"
},
{
"version": "7.0.3",
"status": "affected"
},
{
"version": "7.1.0",
"status": "affected"
},
{
"version": "7.1.0.1",
"status": "affected"
},
{
"version": "7.1.0.2",
"status": "affected"
},
{
"version": "7.2.0",
"status": "affected"
},
{
"version": "7.2.0.1",
"status": "affected"
}
]
}
]Social References
More
Related
nessus
nessus
prion
prion
Input validation
2022-11-15 21:15:00
cvelist
cvelist
CVE-2022-20924
2022-11-10 17:30:58
nvd
nvd
CVE-2022-20924
2022-11-15 21:15:31
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
43.8%
Related for CVE-2022-20924