CVE-2022-20854 - Vulnerability Details

Vendors	Products
Cisco	Firepower Threat Defense Secure Firewall Management Center

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN

Type	Values Removed	Values Added
First Time appeared		Cisco secure Firewall Management Center
CPEs	cpe:2.3:a:cisco:firepower_management_center:::::::: cpe:2.3:a:cisco:firepower_management_center:6.2.1:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.0.1:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.0:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.1:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.3:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.4:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.5.1:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.5.2:::::::* cpe:2.3:a:cisco:firepower_management_center:6.6.5:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.0.1:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.0:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.1.1:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.1:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.2.1:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.2:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.3:::::::* cpe:2.3:a:cisco:firepower_management_center:7.0.4:::::::*	cpe:2.3:a:cisco:secure_firewall_management_center:::::::: cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:::::::* cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:::::::*
Vendors & Products	Cisco firepower Management Center	Cisco secure Firewall Management Center

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-20854", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "requesterUserId": "4087f8c1-b21c-479b-99df-de23cb76b743", "dateReserved": "2021-11-02T13:28:29.180Z", "datePublished": "2022-11-10T17:31:14.744Z", "dateUpdated": "2024-08-03T02:24:50.053Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:57:11.243Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"version": "N/A", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Uncontrolled Resource Consumption", "type": "cwe", "cweId": "CWE-400"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN", "name": "cisco-sa-fmc-dos-OwEunWJN"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-fmc-dos-OwEunWJN", "discovery": "INTERNAL", "defects": ["CSCvy95520"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T02:24:50.053Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN", "name": "cisco-sa-fmc-dos-OwEunWJN", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2022-20854 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

state : PUBLISHED (string)

assignerShortName : cisco (string)

requesterUserId : 4087f8c1-b21c-479b-99df-de23cb76b743 (string)

dateReserved : 2021-11-02T13:28:29.180Z (string)

datePublished : 2022-11-10T17:31:14.744Z (string)

dateUpdated : 2024-08-03T02:24:50.053Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-01-25T16:57:11.243Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device. (string)

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco Firepower Management Center (string)

versions : [ »

0 : { »

version : N/A (string)

status : affected (string)

}

]

}

1 : { »

vendor : Cisco (string)

product : Cisco Firepower Threat Defense Software (string)

versions : [ »

0 : { »

version : N/A (string)

status : affected (string)

}

]

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : Uncontrolled Resource Consumption (string)

type : cwe (string)

cweId : CWE-400 (string)

}

]

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN (string)

name : cisco-sa-fmc-dos-OwEunWJN (string)

}

]

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

attackVector : NETWORK (string)

attackComplexity : LOW (string)

privilegesRequired : NONE (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

availabilityImpact : HIGH (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

source : { »

advisory : cisco-sa-fmc-dos-OwEunWJN (string)

discovery : INTERNAL (string)

defects : [ »

0 : CSCvy95520 (string)

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T02:24:50.053Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN (string)

name : cisco-sa-fmc-dos-OwEunWJN (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "2763D059-E717-43B8-8108-8025CDDF73EB", "versionEndIncluding": "6.1.0.7", "versionStartIncluding": "6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A2861D3-2CAE-448E-8A0B-822F4E730971", "versionEndIncluding": "6.2.0.6", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDB7B36E-7DA5-4690-9D21-6BFD8025766C", "versionEndIncluding": "6.2.2.5", "versionStartIncluding": "6.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B2802CF-8A7F-4FC6-A406-F1F26C932F3C", "versionEndIncluding": "6.2.3.18", "versionStartIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "129717CC-A91F-4F05-8096-E9CABDFE6F6F", "versionEndIncluding": "6.3.0.5", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "25585CDD-8917-43DD-8FE4-01CF9C7AADCA", "versionEndIncluding": "6.4.0.15", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "2586C31E-6CAC-433C-90B0-6233CA28D041", "versionEndIncluding": "6.5.0.5", "versionStartIncluding": "6.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C8ECB61-27AB-49B9-8201-AD36C3E924B0", "versionEndIncluding": "6.7.0.3", "versionStartIncluding": "6.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A4A52EA-D464-4855-ABEC-FD98E0F3BD97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "81F9AF68-70BD-46DE-B7F2-97C9BD5182A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D808CD-B030-4334-A286-9B3A1D35C61D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0DFE9115-3E32-4A55-AB5A-83513322FE97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "09BD6616-B2B9-49B1-AD20-9B13D93C8F2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "35A9634E-FCF4-4C67-A463-6BA5F63DD2A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8452BA9A-F56C-48E0-BDBA-9095AF78F521", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2CE3B06-353C-4623-9EF4-78814DCB0D7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFA94312-376E-4785-888F-3C07612E1DF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "29E73FBF-2579-4660-AFFA-7F9607004226", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "87FAAFFB-0589-441B-8289-8B8A6E18F705", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "73B92119-793D-4A43-A056-24DB6826E759", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "093A0BC2-037C-463F-AFC5-EF11C2954EAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B881B8DF-A96D-4B64-B98A-71F0D3388641", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "64116F5B-671C-46DB-A78D-AB14AAF946FD", "versionEndIncluding": "6.1.0.7", "versionStartIncluding": "6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD237542-FED6-4013-AD9F-18891954FE05", "versionEndIncluding": "6.2.0.6", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F74A25A-601D-470D-BA43-EA68ADD266C6", "versionEndIncluding": "6.2.2.5", "versionStartIncluding": "6.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "D58D7217-F6F5-4B58-B59C-E5C8781C87A9", "versionEndIncluding": "6.2.3.18", "versionStartIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDE0C110-518D-4E51-BCEB-F4E9FC448278", "versionEndIncluding": "6.3.0.5", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "874E0E13-4A9E-4296-BEE6-F5B1077411A0", "versionEndIncluding": "6.4.0.15", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "171E1C5D-68C5-4BBC-AE18-D1518A1B7277", "versionEndIncluding": "6.5.0.5", "versionStartIncluding": "6.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "1110632C-526F-4025-A7BE-0CF9F37E5F9E", "versionEndIncluding": "6.7.0.3", "versionStartIncluding": "6.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AD48BE40-C647-429A-81B6-59E125BBE415", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en el procesamiento de conexiones SSH de Cisco Firepower Management Center (FMC) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado cause una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de errores cuando no se puede establecer una sesi\u00f3n SSH. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una alta tasa de conexiones SSH manipuladas a la instancia. Un exploit exitoso podr\u00eda permitir que el atacante provoque el agotamiento de los recursos, lo que provocar\u00eda un reinicio en el dispositivo afectado."}], "id": "CVE-2022-20854", "lastModified": "2024-11-26T16:09:02.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-15T21:15:27.867", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2763D059-E717-43B8-8108-8025CDDF73EB (string)

versionEndIncluding : 6.1.0.7 (string)

versionStartIncluding : 6.1.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5A2861D3-2CAE-448E-8A0B-822F4E730971 (string)

versionEndIncluding : 6.2.0.6 (string)

versionStartIncluding : 6.2.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FDB7B36E-7DA5-4690-9D21-6BFD8025766C (string)

versionEndIncluding : 6.2.2.5 (string)

versionStartIncluding : 6.2.2 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2B2802CF-8A7F-4FC6-A406-F1F26C932F3C (string)

versionEndIncluding : 6.2.3.18 (string)

versionStartIncluding : 6.2.3 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 129717CC-A91F-4F05-8096-E9CABDFE6F6F (string)

versionEndIncluding : 6.3.0.5 (string)

versionStartIncluding : 6.3.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 25585CDD-8917-43DD-8FE4-01CF9C7AADCA (string)

versionEndIncluding : 6.4.0.15 (string)

versionStartIncluding : 6.4.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2586C31E-6CAC-433C-90B0-6233CA28D041 (string)

versionEndIncluding : 6.5.0.5 (string)

versionStartIncluding : 6.5.0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8C8ECB61-27AB-49B9-8201-AD36C3E924B0 (string)

versionEndIncluding : 6.7.0.3 (string)

versionStartIncluding : 6.7.0 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A4A52EA-D464-4855-ABEC-FD98E0F3BD97 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 81F9AF68-70BD-46DE-B7F2-97C9BD5182A9 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : D1D808CD-B030-4334-A286-9B3A1D35C61D (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0DFE9115-3E32-4A55-AB5A-83513322FE97 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 09BD6616-B2B9-49B1-AD20-9B13D93C8F2C (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 35A9634E-FCF4-4C67-A463-6BA5F63DD2A5 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 2D8CF5AA-7B41-4E98-8E7E-A399AAA510B9 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8452BA9A-F56C-48E0-BDBA-9095AF78F521 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:6.6.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : B2CE3B06-353C-4623-9EF4-78814DCB0D7D (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : DFA94312-376E-4785-888F-3C07612E1DF7 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 29E73FBF-2579-4660-AFFA-7F9607004226 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 87FAAFFB-0589-441B-8289-8B8A6E18F705 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 73B92119-793D-4A43-A056-24DB6826E759 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 093A0BC2-037C-463F-AFC5-EF11C2954EAD (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C4F434FC-CAA4-4DBB-8094-C4ECC28B31E7 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 68C70BB3-33B3-4E7E-99D5-FF76D4ED96AE (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:cisco:secure_firewall_management_center:7.0.4:*:*:*:*:*:*:* (string)

matchCriteriaId : B881B8DF-A96D-4B64-B98A-71F0D3388641 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 64116F5B-671C-46DB-A78D-AB14AAF946FD (string)

versionEndIncluding : 6.1.0.7 (string)

versionStartIncluding : 6.1.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DD237542-FED6-4013-AD9F-18891954FE05 (string)

versionEndIncluding : 6.2.0.6 (string)

versionStartIncluding : 6.2.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1F74A25A-601D-470D-BA43-EA68ADD266C6 (string)

versionEndIncluding : 6.2.2.5 (string)

versionStartIncluding : 6.2.2 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D58D7217-F6F5-4B58-B59C-E5C8781C87A9 (string)

versionEndIncluding : 6.2.3.18 (string)

versionStartIncluding : 6.2.3 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EDE0C110-518D-4E51-BCEB-F4E9FC448278 (string)

versionEndIncluding : 6.3.0.5 (string)

versionStartIncluding : 6.3.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 874E0E13-4A9E-4296-BEE6-F5B1077411A0 (string)

versionEndIncluding : 6.4.0.15 (string)

versionStartIncluding : 6.4.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 171E1C5D-68C5-4BBC-AE18-D1518A1B7277 (string)

versionEndIncluding : 6.5.0.5 (string)

versionStartIncluding : 6.5.0 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1110632C-526F-4025-A7BE-0CF9F37E5F9E (string)

versionEndIncluding : 6.7.0.3 (string)

versionStartIncluding : 6.7.0 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : AD48BE40-C647-429A-81B6-59E125BBE415 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : DCD69468-8067-4A5D-B2B0-EC510D889AA0 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 20AE4051-FA3B-4F0B-BD3D-083A14269FF6 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 67FB5ABE-3C40-4C58-B91F-0621C2180FAC (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 53909FD6-EC74-4D2F-99DA-26E70400B53F (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 55FE024D-0D43-40AD-9645-8C54ECF17824 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : EC411A8D-CD39-46F5-B8FC-6753E618FAEC (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BBCA75A6-0A3E-4393-8884-9F3CE190641E (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F3C12D3-7662-46C5-9E88-D1BE6CF605E0 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 046B53A0-6BC1-461A-9C28-C534CE12C4BD (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 5D1C767F-3E06-43B7-A0CC-D51D97A053EB (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 43A950B0-A7CA-4CE7-A393-A18C8C41B08E (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : A7E221CB-BD0F-4AEE-8646-998B75647714 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 225382DE-2919-48F4-9CC0-DE685EAAFDF4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad en el procesamiento de conexiones SSH de Cisco Firepower Management Center (FMC) y el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado cause una condición de Denegación de Servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un manejo inadecuado de errores cuando no se puede establecer una sesión SSH. Un atacante podría aprovechar esta vulnerabilidad enviando una alta tasa de conexiones SSH manipuladas a la instancia. Un exploit exitoso podría permitir que el atacante provoque el agotamiento de los recursos, lo que provocaría un reinicio en el dispositivo afectado. (string)

}

]

id : CVE-2022-20854 (string)

lastModified : 2024-11-26T16:09:02.407 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-11-15T21:15:27.867 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-dos-OwEunWJN (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-400 (string)

}

]

source : ykramarz@cisco.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-755 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object