Lucene search
+L
CiscoCyber Vision

5 matches found

CVE
CVE
added 2024/11/15 3:36 p.m.7316 views

CVE-2022-20685

CVE-2022-20685 is a DoS vulnerability in the Snort Modbus preprocessor caused by an integer overflow when processing Modbus traffic. An unauthenticated, remote attacker could craft traffic to cause the Snort process to hang and halt traffic inspection. Cisco has released software updates addressi...

7.5CVSS7.7AI score0.01386EPSS
CVE
CVE
added 2021/12/10 12:0 a.m.6914 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2023/11/01 5:7 p.m.82 views

CVE-2023-20071

Cisco CVE-2023-20071 affects the Snort detection engine’s FTP inspection module across multiple Cisco products (notably FTD/ASA family). An unauthenticated, network-accessible attacker can craft FTP traffic to bypass FTP inspection and potentially deliver a payload, per Cisco’s security advisory ...

5.8CVSS5.6AI score0.00519EPSS
CVE
CVE
added 2022/11/10 5:37 p.m.81 views

CVE-2022-20922

The CVE-2022-20922 entry concerns multiple vulnerabilities in the SMB2 processor of the Snort detection engine on Cisco products (Snort 3 configured). Affected component: Snort SMB2 processing; root cause: improper management of system resources while handling SMB2 traffic. Impact: unauthenticate...

6.5CVSS6.8AI score0.00764EPSS
CVE
CVE
added 2022/11/10 5:37 p.m.80 views

CVE-2022-20943

CVE-2022-20943 pertains to Cisco Snort SMB2 processing. The SMB2 processor in Snort 3 (on affected Cisco products) is vulnerable to resource-management issues when handling SMB2 traffic, enabling unauthenticated remote attackers to bypass policies or cause DoS by sending high rates of SMB2 packet...

5.8CVSS6AI score0.0089EPSS