A vulnerability in the SSL/TLS client of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper memory management when a device initiates SSL/TLS connections. An attacker could exploit this vulnerability by ensuring that the device will connect to an SSL/TLS server that is using specific encryption parameters. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2022-11-10T17:30:39.182Z
Updated: 2024-08-03T02:31:59.588Z
Reserved: 2021-11-02T13:28:29.191Z
Link: CVE-2022-20927
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-11-15T21:15:32.607
Modified: 2024-11-21T06:43:50.390
Link: CVE-2022-20927
Redhat
No data.