CVE-2022-20924

{"id": "CVE-2022-20924", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-11-15T21:15:31.730", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x", "source": "ykramarz@cisco.com"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-qsqBNM6x", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-703"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n del Protocolo Simple de Administraci\u00f3n de Red (SNMP) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto autenticado provoque una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud SNMP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo afectado entre en bucle de carga, lo que resultar\u00eda en una condici\u00f3n DoS."}], "lastModified": "2024-11-21T06:43:50.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52D83C3A-ED0B-42D5-A08A-97D27E189875"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A649E319-D408-4AA2-8293-C9E37AF14BA5"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4187EFE-4D7E-4493-A6E0-24C98256CF79"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6730194F-5069-40AB-AE66-871D3992560C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E257F98-D1A0-4D28-9504-1749CC090D49"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.1.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FF1A5FC-73BE-4218-86D9-2E81FA64EABD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E492943-6EC0-4E34-9DBC-DD1C2CF1CDCC"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "589E46F3-8038-4B87-8C40-55C6268B82F2"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F3B73F6-139E-42DC-B895-DDD17B5A1138"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A2590E7-FE04-4B29-B36B-AABAA5F3B9AE"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.2.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E4FD5E3-7E82-4294-8B05-D2045D857029"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E998A4A-5346-4CFA-A617-FD1106C6B7A1"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91265549-A16E-4A00-A031-4F1EB8D6881C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA3C316B-5485-4CDD-A1A1-6C0A9CB4719F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECE6D033-7B8B-4F61-B653-0C0EF13466EB"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14441650-DAD5-4959-83DF-4D6F3D6A05FA"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B21ABC9-A64B-43E4-8951-1E6C0F427DBB"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.3.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A48EC041-322F-422D-B95B-0FC07BDA2B6B"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE0D50C0-DADB-4747-8649-8A5257111FE6"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEE2699F-353F-44CB-A778-981783DDC31F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D8E50BD-1FBD-483B-9C27-70E95C732E55"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.14.4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F46E5E4F-787C-4C05-B1E7-C39BB9125D16"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA0B9B73-A9E6-4924-9EAE-B57E534938FD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "012812C4-EFF8-465F-A771-134BEB617CC9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E06141A9-8C37-445A-B58A-45739AFE7D4C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EDC09E5-51D3-4672-B910-B34A9CBD6128"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71ED7A71-81CB-444C-A4ED-EA4A58D5E73C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAD13331-0EB8-4C8D-85CC-D96CA9F829AE"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7137F22B-F993-4620-9378-9412DAEA9EF6"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.15.1.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "923A40E8-6456-4288-B9AB-DBF5F9C4246A"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08CCBF5E-257A-4A1F-8930-3643A9588838"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "782BC9ED-1395-472B-9F34-DED812AA5BFD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.16.3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "153449C0-B93F-49A2-8A6A-BE84305E8D2B"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27ACBA2A-87A7-4836-A474-AFD7D22F820D"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C73E0B2E-BABF-4998-A1D7-4E803F9D78AD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59306ADF-FAA6-4970-ADFB-C5D9A5AEF1AD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "959107AC-E9EC-467C-901B-A3164E3762E9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F944F8F-0255-42BE-BD44-D21EC9F0FFC4"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F39C535-5A41-47CE-A9CF-B360998D4BF9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.17.1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9CEAEFC-7B82-41F9-A09D-C86A3A60A4FB"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7533780-0DF9-41BE-8455-F60676785689"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}