Cisco Firepower Services Software For Asa vulnerabilities

4 known vulnerabilities affecting cisco/cisco_firepower_services_software_for_asa.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2022-20918HIGHCVSS 7.5vN/A2022-11-15
CVE-2022-20918 [HIGH] CWE-284 CVE-2022-20918: A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS) Software could allow an unauthenticated, remote attacker to perform an SNMP
cvelistv5nvd
CVE-2022-20928MEDIUMCVSS 5.8vN/A2022-11-15
CVE-2022-20928 [MEDIUM] CWE-863 CVE-2022-20928: A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during t
cvelistv5nvd
CVE-2022-20927MEDIUMCVSS 6.5vN/A2022-11-15
CVE-2022-20927 [MEDIUM] CWE-120 CVE-2022-20927: A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connection
cvelistv5nvd
CVE-2022-20828HIGHCVSS 7.2PoCvn/a2022-06-24
CVE-2022-20828 [HIGH] CWE-236 CVE-2022-20828: A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command para
cvelistv5nvd