3 matches found
CVE-2022-20928
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to...
CVE-2022-20928
A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to...
CVE-2022-20928
CVE-2022-20928 describes a VPN authorization bypass in Cisco ASA/FTD where a flaw in the VPN authentication flow’s authorization verifications allows an unauthenticated remote attacker (with valid credentials) to establish a VPN session as a different user. The impact is privilege propagation wit...