Cisco Firepower Threat Defense vulnerabilities

221 known vulnerabilities affecting cisco/firepower_threat_defense.

Total CVEs: 221
CISA KEV: 11 (actively exploited)
Public exploits: 8
Exploited in wild: 10
Severity breakdown: CRITICAL 6, HIGH 125, MEDIUM 89, LOW 1

Vulnerabilities

Page 4 of 12
CVE-2022-20950 | MEDIUM | CVSS 5.3 | v7.2.0; v7.2.0.1 | 2022-11-15 | nvd
CWE-770: A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vul
CVE-2022-20927 | MEDIUM | CVSS 6.5 | ≥ 6.5.0, ≤ 6.5.0.5; ≥ 6.7.0, ≤ 6.7.0.3; +7 more | 2022-11-15 | nvd
CWE-120: A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management when a device initiates SSL/TLS connection
CVE-2022-20866 | HIGH | CVSS 7.5 | ≥ 7.0.0, < 7.0.4; ≥ 7.1.0, < 7.2.0.1 | 2022-08-10 | nvd
CWE-203: A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that per
CVE-2022-20713 | MEDIUM | CVSS 6.1 | v6.2.3; v6.2.3.1; +69 more | 2022-08-10 | nvd
CWE-444: A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is due to improper validation of input that is passed to
CVE-2022-20742 | HIGH | CVSS 7.4 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-325: A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker
CVE-2022-20751 | HIGH | CVSS 7.5 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-770: A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort e
CVE-2022-20730 | HIGH | CVSS 7.5 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +1 more | 2022-05-03 | nvd
CWE-241: A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected devic
CVE-2022-20767 | HIGH | CVSS 7.5 | fixed in 7.0.2; v7.1.0 | 2022-05-03 | nvd
CWE-399: A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by
CVE-2022-20746 | HIGH | CVSS 7.5 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-476: A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an a
CVE-2022-20759 | HIGH | CVSS 8.8 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-266: A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and auth
CVE-2022-20729 | HIGH | CVSS 7.8 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +1 more | 2022-05-03 | nvd
CWE-91: A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inje
CVE-2022-20757 | HIGH | CVSS 7.5 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-770: A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by
CVE-2022-20760 | HIGH | CVSS 7.5 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-400: A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker coul
CVE-2022-20745 | HIGH | CVSS 7.5 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-20: A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS request
CVE-2022-20715 | HIGH | CVSS 8.6 | fixed in 6.4.0.15; ≥ 6.5.0, < 6.6.5.2; +2 more | 2022-05-03 | nvd
CWE-399: A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a r
CVE-2022-20748 | MEDIUM | CVSS 5.3 | v7.0.0 | 2022-05-03 | nvd
CWE-664: A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker c
CVE-2022-20795 | HIGH | CVSS 7.5 | ≤ 7.0.1; ≥ 7.1.0.0, ≤ 7.1.0.1 | 2022-04-21 | nvd
CWE-345: A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processi
CVE-2021-1573 | HIGH | CVSS 7.5 | ≤ 6.2.2; ≥ 6.2.3, < 6.4.0.13; +3 more | 2022-01-11 | nvd
CWE-121: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit t
CVE-2021-34704 | HIGH | CVSS 7.5 | ≥ 6.7.0, < 6.7.0.3; v7.0.0 | 2022-01-11 | nvd
CWE-121: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit
CVE-2021-44228 | CRITICAL | CVSS 10.0 | KEV | PoC | v6.2.3; v6.3.0; +6 more | 2021-12-10 | nvd
CWE-20: Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LD