CVE-2022-20928 — Incorrect Authorization in Cisco Adaptive Security Appliance Software

CWE-863 — Incorrect Authorization4 documents4 sources

Severity

5.8MEDIUMNVD

EPSS

0.2%

top 63.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software Cisco Firepower Services Software FOR ASA Cisco Firepower Threat Defense Software +2 more

Timeline

PublishedNov 15

Latest updateNov 16

Description

A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during the VPN authentication flow. An attacker could exploit this vulnerability by sending a crafted packet during a VPN authentication. The attacker must …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages5 packages

▶NVDcisco/adaptive_security_appliance_software218 versions+217

▶CVEListV5cisco/cisco_firepower_threat_defense_software53 versions+52

▶CVEListV5cisco/cisco_adaptive_security_appliance_software114 versions+113

▶NVDcisco/firepower_threat_defense87 versions+86

▶CVEListV5cisco/cisco_firepower_services_software_for_asaN/A

🔴Vulnerability Details

GHSA

GHSA-575c-j9f6-j63w: A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Th↗2022-11-16

▶

CVEList

CVE-2022-20928: A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Th↗2022-11-10

▶

📋Vendor Advisories

Cisco

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN Authorization Bypass Vulnerability↗2022-11-09

▶